You have probably seen an online prompt more than once that goes something like “Do you want to activate two-factor authentication?”. Commonly referred to as 2FA, or dual authentication, two-factor authentication is a multi-factor authentication process that drastically increases the security of any of your accounts. With 2FA you’re adding an extra layer of protection that no one else really has access to, and it’s something that’s needed, encouraged and should be used. In today’s incredibly fast-paced digital world, additional security is crucial.
What is 2FA?
So, what is 2FA? Two-factor authentication is a method of protection that ensures that only you are able to access your accounts. It requires a user to prove their identity in two steps in order to complete the login process. It’s vastly different from the common one-step authentication, which simply requires a username and a password, something we are all familiar with.
The 2FA method verifies in two parts. First, you enter your login credentials on the platform you want to access, as usual. Then, once your 2FA is set up with a second device – typically a cell phone – you’ll be prompted to confirm or verify that the login attempt was in fact you. You’ll either be asked ‘was this you?’ or be given a one-time code that you enter manually. Platforms like Gmail, for example, offer both options as a method of two-factor authentication.
But aren’t security questions enough? Unfortunately they aren’t anymore. Security questions like ‘what is your mother’s maiden name?’ and ‘what was the name of the first street you lived on?’ have outlived their ability to truly protect. In addition, these types of security questions are not that difficult to figure out, especially if you are a hacker and your entire ‘profession’ is based on finding out the personal information and credentials of people.
It’s much more difficult for someone else to access an account that has 2FA enabled: you will not only receive a notification for each login attempt, but the login will only complete once you either confirm it was you by physically pressing a button on your personal device, or physically enter the code that only you received on that same personal device. Let’s get into the various ways an account can be authenticated.
Three Methods of 2FA
There are three main factors to 2FA:
The knowledge factor is something that you know, like a password or a personal identification number (PIN code) that you created.
As a general note, security questions like the ones mentioned above do fall into this category, as they are “knowledge factors”.
The possession factor is something that you physically have that can’t be copied but can be stolen, such as an ATM or bank card, a cell phone, etc.
The biometric factor is something that you are, which is nearly impossible to replicate, like a fingerprint scan or access via face ID.
Two-factor authentication always utilizes two of the above factors: something you know, something you have, or something you are. Let’s use an example from the offline, physical world. Think about when you withdraw money from an ATM. You have your bank card and you have your personal PIN, two factors needed to complete the task at hand: withdrawing money. Or maybe you enabled 2FA for your email address and chose to receive SMS notifications with unique codes that are entered on the login page. You already know your username and password – the knowledge factor – and you use your personal phone to receive the codes, something no one else has in their possession – the possession factor.
It’s beyond important to have this extra step of security and protection for your accounts that probably contain personal information like your birthday, credit card details, your home address, and more.
Why do we need 2FA?
Unfortunately single stand-alone passwords aren’t secure like they used to be. There are so many ways hackers can figure out your passwords. Check out this chart to see how long it would take someone to crack your password. And while no one method is 100% foolproof, 2FA makes you that much safer against data leaks and hacking attempts. However, it’s always a good idea to still generate strong passwords, especially if you don’t plan on using 2FA for each one of your accounts.