Two-Factor Authentication (2FA): How & why to use it

In today’s online environment, the classic username and password approach to security is easy prey for cybercriminals. Logins can be compromised in minutes, and private data (such as personal and financial details) are under increasing threat. Our need for online security has drastically changed, with hackers becoming smarter and exploiting new technical vulnerabilities, passwords alone are no longer secure enough to protect user accounts in the current technical landscape. This is why you should implement Two-Factor Authentication.

What is Two-Factor Authentication?

Two-Factor Authentication (also known as 2FA, Two-Step or Multi-Factor Authentication) is an important security measure which adds a second layer of protection in addition to your password. This may involve the use of a code from a physical device or an app which strengthens access security by requiring two methods to verify identity – using the principle of ‘something you know and something you possess’. If you want to keep your online accounts safe, adding 2FA is the single most important step you can take. 

Why use Two-Factor Authentication?

Two-Factor Authentication (2FA) is an effective way to verify that users are who they say they are. Even if you do have a highly complex password, there are still ways crafty hackers can obtain your password. Historically, passwords have been the weak link when it comes to security and with it becoming increasingly easy for cybercriminals to obtain passwords and exploit opportunities, enabling 2FA is more important than ever.

To verify a second piece of information in addition to your password, the options usually include: 

 

  • An ‘authenticator’ app – you may be required to install (for example) the Google Authenticator app on your mobile phone or another device. This allows you to receive codes as an additional layer of security prior to gaining access to an account. 

 

  • Verification code – this sends you a one-time numeric code (usually by email or SMS) that you need to insert to confirm your identity. 

 

There are other options like physical code generator devices and USB authentication devices but the above are the two most common.

How to enable 2FA

Though not all websites and applications utilise 2FA, those that do provide you with the option to activate it for your account if you wish to do so. Typically, you can turn on 2FA in your accounts settings, usually under the security tab. There are a number of popular websites already using 2FA which include Facebook, Twitter, Amazon, PayPal and Instagram, to name a few. 

Is 2FA secure?

Despite the best intentions to protect people’s personal data, 2FA can still be vulnerable. The reality is nothing is 100% secure and there are ways for cybercriminals to bypass the system and access an account even if you have 2FA enabled. 

In short, 2FA isn’t perfect but it does improve security. If you’re not already implementing 2FA within your organisation, don’t wait until your network is breached! Speak with one of our specialists today on 0161 464 6101 to find out more on securing your systems.

More from Datacentreplus

"