Two-factor authentication (often shortened to 2FA) provides a
way of ‘double-checking’ that you’re really the person you’re claiming to be
when you log into your online accounts, such as banking, email or social media.
When you log into an
online account with a username and password, you’re using what’s called
single-factor authentication. You only need one thing to verify that you are
who you say you are.
With 2FA, you need to
provide two things – your password and something else such as a code sent to
your mobile device or your fingerprint – before you can access your account.
Two-factor
authentication adds an additional layer of security to the authentication
process by making it harder for attackers to gain access to a person’s devices
or online accounts, because knowing the victim’s password alone is not enough
to pass the authentication check.
While it does add
one extra step to the log-in process, it provides a much stronger defence for
your account. If your password is hacked (accessed by someone else without your
permission) and you have 2FA activated on your account, the hacker cannot gain
access. They need both levels of authentication.
How to set up 2FA?
Some online services
will automatically prompt you for a second factor when you log in. However, many
don’t, so you will need to activate it yourself. You’ll find the option to
switch on 2FA in the security or privacy settings of your online accounts (it may
also be called ‘two-step verification’).
There are several types
of 2FA available based on either something you know, something you have or
something you are. Examples include:
- SMS codes sent to your phone
- security questions set up by you,
which only you would know the answers to when prompted
- a physical device, like a
security token that generates temporary access codes
- software, such as an authenticator
app, that sends a notification to your smartphone (or tablet) or provides
a temporary access code. Once you’ve installed one, you can use the same
app when setting up 2FA on any accounts which offer this option.
- fingerprint scans
- voice recognition.
Some accounts, for
example Gmail, also give you a list of backup codes when you switch on 2FA.
When asked for a code you can use one of these, but each code will only work
once, so you’ll need to create more when you’ve used them all. Backup codes are
really useful if you need to log in without a phone to hand. You will need to
store the codes somewhere safe.
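The single-use behaviour of backup codes described above, seen from the service's side, as an added example (not code from this page or from any real service). The names `BackupCodeStore` and `new_code`, the code format, and the choice to cancel old codes when a new batch is created are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed alphabet: no 0/O or 1/I, so printed codes are hard to misread.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def new_code() -> str:
    """Return one random backup code such as 'K7QMD-2XHRP' (about 50 bits)."""
    raw = "".join(secrets.choice(ALPHABET) for _ in range(10))
    return f"{raw[:5]}-{raw[5:]}"


def _digest(salt: bytes, code: str) -> bytes:
    # Ignore case, spaces and dashes so a hand-typed code still matches.
    normalised = code.replace("-", "").replace(" ", "").upper()
    return hashlib.pbkdf2_hmac("sha256", normalised.encode(), salt, 100_000)


class BackupCodeStore:
    """Per-account record. Only salted hashes are kept, never the codes."""

    def __init__(self) -> None:
        self.salt = secrets.token_bytes(16)
        self.unused: set[bytes] = set()

    def issue(self, count: int = 10) -> list[str]:
        """Create a fresh batch (assumption: this cancels any older codes).
        The plaintext is returned once, for the user to store somewhere safe."""
        codes = [new_code() for _ in range(count)]
        self.unused = {_digest(self.salt, c) for c in codes}
        return codes

    def redeem(self, code: str) -> bool:
        """Accept a code at most once; it is deleted as soon as it matches."""
        candidate = _digest(self.salt, code)
        match = next((s for s in self.unused
                      if hmac.compare_digest(s, candidate)), None)
        if match is None:
            return False
        self.unused.remove(match)
        return True

    def remaining(self) -> int:
        """How many codes are left before a new batch is needed."""
        return len(self.unused)
```
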
It is recommended that you:
- wherever possible, activate
two-factor authentication (2FA)
- use strong passwords /
passphrases and keep them safe
- do not use the same passwords
across multiple sites
- use a password manager to keep
track of all your passwords and log-in details.
https://www.staysmartonline.gov.au/
https://searchsecurity.techtarget.com/