We all have passwords for at least all our online accounts. But when it comes to adding more security, long and boring passwords might not be the best and that’s where Two-Factor Authentication comes in.
Two-factor authentication (or 2FA, for short) complicates login security in your favor by requiring you to add a second piece of information to prove it’s really you. The second piece of information is mostly a temporary code delivered by a device in your possession, such as your phone or email or fingerprint, etc.
You might hear it referred to by a variety of names (e.g., multi-factor authentication, 2-step verification), but we’re going to stick with 2FA.
Why you should use 2FA
During large-scale password breaches which often happen a lot — many credentials are stolen and often sold and swapped in online marketplaces and hacking forums. Some attackers break into accounts for entertainment, and some, for a payday. It might not be personal but some attackers might just land on you unfortunately.
Here are a few different ways your account is most likely to get hijacked.
- Attackers will guess short or predictable passwords.
- After a large-scale password breach, some attackers will use automated scripts to try logging in to multiple websites with the same hacked credentials, just in case you reuse passwords on multiple accounts.
- Attackers will craft fake phishing pages to trick you into divulging your credentials.
- Spear phishing is targeted phishing. Typically the attacker will do their homework, gathering publicly available information (e.g., social media, public records) to create a good pretext for the phishing email. They may impersonate a friend or colleague direct you to a forged login page.
Attacks happen most of the time but I would recommend you to highly embrace 2FA
Some 2FA Options.
Most of the online services we use often have 2FA these days and you should always check it out and embrace it. Here are a few popular 2FA options that most services offer.
Option 1 – Text messages (SMS)
Most services allow you to use regular old text messages so that every time you attempt to login, you will receive a text message with a short code that you have to enter first before accessing your account. I know a number of people who will set “Remember this browser or device” which I totally would’t encourage. Imagine someone takes your device – you would have given him a more easier way to access your account.
Option 2 – Security keys
Right now, security keys are one of the most secure and efficient ways to use 2FA. A security key is a physical USB device you can use to authenticate into your account. Most common type I know is one which has a fingerprint sensor that you have to move your signed finger to open your account.
Option 3 – Authentication apps
A lot of services these-days also allow you to receive your temporary login code from a mobile apps such as;- Google Authenticator, Authy, Duo Mobile and it’s really a cool way to protect your account.
Option 4 – Backup codes
Backup codes allow us to avoid being locked out of our accounts in case we cannot access our authentication apps, security keys or mobile phones for text messages. But remember when storing these backup codes, let’s avoid clearly labeling them.
I knew some people who would write backup codes in the first pages of their diary with a bold heading that says “Google backup codes” – trust me, you could have given a lot of information to easily access your account – Remember we are looking at protecting your account but not advertising it to hackers and people with ill-intentions.
I hope you found this helpful, in case you want more about this, get in touch with me and I can give you more information about securing yourself.