Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card, but also a PIN, a signature, or an ID. With 1FA becoming increasingly unreliable as a security measure, two-factor authentication is rapidly gaining importance for logging into online accounts.
Per default, almost all online accounts use password authentication, i.e. a one-factor authentication method. The problem with passwords is that they are easily hacked. A further problem is that many users still use one and the same password for all their accounts. While being a bit of a hassle, 2FA significantly increases security by asking for an additional authentication factor, thus making it much harder to hack an account.
What Exactly Is Two-Factor Authentication (2FA)
As mentioned in the introduction, 2FA is a login method. The two authentication factors can be one of the following:
- Something you know, typically a password or the answer to a security question
- Something you have, for example a security code sent to your mobile or an ATM card
- Something you are, i.e. biometric data such as your fingerprints
Everyday examples where 2FA is employed are drawing money from the ATM (card + PIN), paying with a credit card (card + signature OR card + PIN OR card + security code), or entering a foreign country (passport + biometric data).
Why You Should Use It
Imagine someone hacked into your email account. What kind of information would they gain access to?
Here is an idea: user names of other accounts, passwords to other accounts, alternative email addresses, personal data, personal photos, scanned documents, information about your friends, family, and other contacts, credit card numbers, bank account numbers, insurance numbers, anything else?
Would this information potentially help them to hack into some of your other accounts, for example Facebook? And at how many places have you logged in using your Facebook or another social media account?
When you think about it, you will find that most of your online accounts are interlinked. Hacking one of them probably gives a smart person access to several other of your accounts. In other words, if someone manages to hack into one of your key accounts, your identity has practically been stolen and the potential consequences are madness.
Where You Should Use It
Ideally, you should use 2FA for all accounts where you store any type of personal information, as well as accounts that have payment information linked to them. This includes, but is not limited to:
- email account/s
- Facebook and similar social media accounts
- online banking
- online payment accounts
- online shopping accounts
- any type of cloud storage service
- online gaming accounts
Unfortunately, not all online accounts or services offer 2FA or are clear about it. Often, it’s a matter of poking around their website to find additional security options.
Two key online services that do offer 2FA and for which you should definitely enable it are Facebook (login approvals) and Google (2-step verification). You can read more about their respective 2FA features here:
2FA is an indispensable security measure for your key online accounts, such as email, banking, or social networking. While two-factor authentication doesn’t mean your accounts are immune to attacks, it does make your accounts more resilient as a hacker needs to crack more than a simple password. Whether or not a second authentication factor is worth the hassle depends on the account and what type of information is stored in it.
Where are you using two-factor authentication and do you think it’s worth the hassle?