Is it really you? I mean, really, really you? If you shop online, download apps, do online banking or do pretty much anything on the Internet, you’re often asked to prove who you really are. And the way that you’re most often asked to prove that it’s “really you” is by entering a code sent to you via text or email. The sender knows that if you enter the code you were sent, your authentication is valid. And that it’s “really, really you.”
This additional authentication helps to prevent all types of cybercriminal activity. In fact, two-factor authentication can prevent 99.9% of automated attacks – hacking, data breaches and other types of security breaches. While strong passwords – those 12 characters long using letters, numbers and symbols – used to be the best way to secure your data, they are no longer enough. The standard nowadays is two-factor authentication, also known as two-step verification.
Take A Closer Look at 2-Factor Authentication
Think of 2-factor authentication (2FA) as getting an extra password that you can use to access your account. It’s a “one-time” password, or OTP, because the code is valid for only a single use and will often expire if it is not used within a short, designated time frame. The code can be sent to you via a text message or an email, but most experts agree that a text message is more secure. The reasoning is that if your email is hacked, a cybercriminal will get your access code and can then gain additional access to your secure accounts.
2FA is based on three distinct types of factors. First is something that you know. This is the knowledge that only you would have, such as a password or an answer to a security question you might have set up. The second factor is something that you have, which could include wireless tags, tokens or card readers, for example. The third factor is something you are, which could be facial recognition software, a fingerprint reader, voice recognition, retinal scanner or something similar. This is known as biometric authentication. It’s all done to prove that it’s really you trying to access your account.
If a hacker is able to gain access to your password and login credentials, and you’ve enabled 2FA, they will never be able to log into your account. That’s the beauty of 2FA: hackers can work from just about anywhere in the world, but unless they happen to be standing next to you when your 2FA code comes in, they’ll be out of luck. That’s why 2FA is far more effective in preventing hacking than a simple password.
Limits with 2-Factor Authentication
As good as 2-factor authentication is, it does have some limits that could be problematic for a user. For example, if you use a smartphone and it’s lost, stolen or broken, you’re not going to be able to access your one-time password to get into your account until you have a new phone or other device. It is possible to recover your access codes, but it’s a difficult and time-consuming process.
Here’s another problem – if you choose to use email notification for your 2FA, and a hacker gains access to your password, your email could be compromised and the hacker could simply bypass your 2FA. Your secure and protected accounts using 2FA would be totally compromised. The other issue is that if a hacker gets hold of your 2FA, he or she could end up locking you out of your own accounts. So you should still be vigilant with all other best practices used to prevent hacking.
New Apps Can Help
While one-time passwords are traditionally delivered via text or email, there are new authentication apps available that can generate strong one-time codes to provide access to your accounts. For example, Google has its own 2-step authentication app called Google Authenticator. As long as you have a Google account and you download the Google Authenticator app, you’ll be able to use any service or website that offers 2FA.
Not to be outdone, Microsoft has its own authenticator as well, called, not surprisingly, Microsoft Authenticator. Like Google Authenticator, this app is also free and works across all devices and operating systems. In addition, it offers passwordless entry, which eliminates the need for a password, and it also uses push notifications.
Facebook has come out with its own version called Facebook 2FA. It lets you use third-party authenticators or will provide codes directly from Facebook. But unlike Google and Microsoft, you can only use Facebook’s 2FA to access Facebook, so just be aware that it’s not a full-fledged authenticator.
Amazon also has a 2FA authentication app, and you’re able to use it for third-party authenticator support or on its own two-step, single-purpose authentication. If you prefer to use codes then you can use Amazon’s SMS notification option.
The good news is that as two-factor authentication gains in popularity, more and more apps will be available. This will make everyone’s life easier, and remove any barriers that might be in place now for people who are hesitant to use 2FA.
The entire concept of 2FA is not foolproof, but it’s extremely hard to hack and nobody has found a way to bypass it once it’s in place on your smartphone or device. The bottom line is that 2FA gives you a second level of protection, above and beyond passwords, to secure your personal data from cybercrooks. It may take a little effort to use 2FA, but the peace of mind that comes with it is well worth the extra effort.