Two-factor authentication (2FA) is often described as a mechanism that allows you to add a layer of extra security to your online accounts.
But to most people that all sounds quite vague. What does it actually mean?
Why Two-Factor Authentication is often needed
Most people who use the Internet will have online accounts, whether it’s a Facebook account, a Google account, an Amazon account, a PayPal account or something else.
Now, with a minimal amount of security, the only thing that really stands between a criminal and access to your account is your password. This means that a password is all someone needs to gain entry to an online account.
With all the various types of advanced cyber crime out there in the wild, there are a number of ways a criminal could get hold of your password, meaning that a password alone is not the most secure way of protecting your online account.
What is Two-Factor Authentication?
Ideally, you want to combine that password with something else so both are needed to access your account. A password is a single factor of authentication. Combine that with something else, and you have two-factor authentication.
Most commonly, this means that when logging in, a user enters a code along with their password. The code is sent either to the user’s phone or to their email address at the time they try to log in. A code sent to a phone is generally more secure, since the only way to see this code is to be in possession of the phone, while the email address could potentially be compromised.
So two-factor authentication essentially means having two different things needed to log in to your account. For example, your password and then a code that was sent to your phone.
Is 2FA inconvenient?
A popular criticism of two-factor authentication, and a typical deterrent to its use, is that it is inconvenient. After all, a user doesn’t want to have to enter their email and wait for a code to be sent to their phone every time they log in. Many people log into their accounts lots of times each day.
However, depending on what websites you’re using, this may not be as inconvenient as first assumed, since most popular sites including Facebook and Amazon will only ask for this extra layer of security when you log in to your account for the first time on a particular device (like a specific computer or phone). After that, your device goes onto a list of approved devices and you won’t have to perform this security measure again when using that particular device. This is good since you won’t be bothered with it when logging in, but a criminal trying to access your account from their computer will.
Another inconvenience is that many users do not like over-sharing information, and giving away their mobile phone number is not an alluring prospect.
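The approved-device behaviour described in this section can be sketched from the website's side as follows. This is an added example, not code from any of the sites mentioned; the `Account` class, the `device_id` value (in practice a long random cookie) and the five-minute code lifetime are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300  # seconds a sent code stays valid (assumed value)

class Account:
    def __init__(self, password: str):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = self._hash(password)
        self.trusted_devices = set()  # the "list of approved devices"
        self.pending = {}             # device_id -> (code, expiry time)
        self.last_sent = None

    def _hash(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def send_to_phone(self, code: str) -> None:
        self.last_sent = code  # stand-in for a real SMS gateway

    def login(self, password: str, device_id: str, now=None) -> str:
        """First factor. Returns 'denied', 'ok' or 'code_required'."""
        now = time.time() if now is None else now
        if not hmac.compare_digest(self._hash(password), self.pw_hash):
            return "denied"
        if device_id in self.trusted_devices:
            return "ok"  # approved device: no code needed
        code = f"{secrets.randbelow(10**6):06d}"  # unpredictable 6-digit code
        self.pending[device_id] = (code, now + CODE_TTL)
        self.send_to_phone(code)
        return "code_required"

    def verify_code(self, device_id: str, code: str, now=None) -> bool:
        """Second factor. A code is single use: any attempt consumes it."""
        now = time.time() if now is None else now
        entry = self.pending.pop(device_id, None)
        if entry is None:
            return False
        expected, expiry = entry
        if now > expiry:
            return False
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False
        self.trusted_devices.add(device_id)  # remember this device
        return True
```

A correct password from an unknown device only gets as far as `code_required`, and a single wrong guess discards the pending code, so the password on its own never approves a new device.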
Is 2FA completely secure?
Two-factor authentication is much more secure than just relying on a password, which could be compromised by malware or a phishing scam, or exposed through the website itself. However, it is not completely secure, since hardly anything online is. There are ways to bypass this extra level of security, though generally they require much more sophisticated scams.
Since most scams we see spread on sites like Facebook are predominantly quite primitive, two-factor authentication will help protect against a lot of these. However, it is important not to be fooled into thinking your account is immune to being compromised just because you have this feature enabled. It isn’t, so don’t be complacent with your online security! Having good internet security software installed and practising good security habits is still very important.
Do we recommend Two-Factor Authentication?
Generally, we do, especially on important accounts that you really don’t want compromised. This certainly applies to your Facebook account, which probably has lots of personal photos on it, and if criminals access this account, they can launch a variety of scams on your friends. Online shopping accounts or accounts that deal with finances, like Amazon and PayPal, should also be protected with two-factor authentication.
It is likely that, until biometric security (protection via fingerprints, retina scans etc.) becomes a household name, two-factor authentication will become increasingly popular, and it is certainly worth getting on board with.