It’s surprising to hear that many people still aren’t sure what 2-factor authentication is and how it helps to protect their online security. The best way to explain it is to think of a door: the first level of authentication is putting a key in the door’s deadbolt lock, and the second level is putting a key in the door handle lock. It takes two keys to open the door, and that’s exactly how it is with 2-factor authentication – it takes two levels to open your device.
Another common analogy is the child-proof cap that’s found on most laundry products – a child can turn the top, or can depress the cap, but they aren’t able to open it unless they can do both at the same time, which of course they can’t. It’s safety and security for the child, and peace of mind for the parent. 2-factor authentication, or 2-step verification as it’s often called, is the same peace of mind the parent feels with the child’s safety cap.
2-Steps are Better than One
Sure, it’ll take a bit longer to access an email or log on to the Internet, but knowing that a hacker won’t be able to see what you’re able to see is worth the time – and the minimal effort. Here’s how the 2-step authentication works: the first step is usually your password. To keep hackers out, the password needs to be a strong one – which according to cybersecurity experts is 12 characters long with numbers, letters and symbols.
The second step is a “one-time password”, or OTP, that is sent to you either by text or by email, although the text is far more secure than an email. This is a code you’ll need to enter in order to gain access to your device. Why is this such a wonderful thing? Think about it – unless a cybercrook is sitting in the same room you’re in, next to you so they’re able to see the OTP that’s sent, they can’t get into your computer, phone or other device. That’s also why texting you the OTP is far superior to an email, because if the cybercriminal can hack your device, they’ll have access to your email, and then will be able to steal your OTP and do whatever they please.
How 2-Step Authentication Works
There are several different types of authentication factors that come into play with 2-step authentication. They are something you know, something you have, and something you are. The “something you know” is information that only you should have – like your strong password, or the answers to security questions you answered when you set up your account. The “something you have” can be a token, a wireless tag or a card reader, for example.
The final factor, “something you are” – is far more personal and it’s something that only you possess. It can be facial recognition software, a fingerprint, voice recognition or even retinal scanning, which is found in high-security installations.
The way that 2-factor authentication (2FA) works is that one of the two factors is withheld until you want to gain access to your online accounts, social media accounts and other Internet destinations on all of your devices. Once you request access and receive your one-time password, you authenticate who you are using one of the factors discussed, and you’re allowed in.
As you’d imagine, 2FA was developed and designed to prevent unauthorized users from gaining access to your accounts and information. It works! Because statistics show that using 2FA will prevent 99% of hacking attempts on your computer. That’s right, 99%! So even if some cybercrook was able to steal your username and password, they still can’t hack into your personal and financial information.
There are also new ways to get your one-time passwords and authentication codes, and that’s through apps that are specifically designed to be a part of the 2-step authentication process. For example, Google has its own 2-step authentication process using the Google Authenticator. If you have a Google account, you simply download their app and use it to gain access. It only works on Google, however, and not on other accounts. Microsoft has its own as well, called the Microsoft Authenticator.
Not to be outdone, Facebook has its own authenticator too. It’s actually a built-in security option that will serve as a single-purpose authenticator – meaning it will only work on Facebook applications, and not any others. And while you can only use it for Facebook access, it’s another level of convenience. Amazon has its own as well, but they have two options for you. One is a third-party authenticator, and the other is a single-purpose one like Facebook and Google.
Limits of 2-Factor Authentication
While 2FA is a level of security that’s comforting, it has some limits that you should be aware of. These are not insurmountable issues, but can cause delays and problems. For example, let’s say you lose your smartphone or it’s broken. To remedy the problem, you’ll need to purchase a new phone with the same number, because your authentication texts and emails will be sent to that phone.
The other issue is if you opt to receive your one-time passwords via email, be aware that a cyberthief can gain access to your email account, and if they do, they will be receiving your one-time password codes as well. This can become a huge problem when it comes to banking logins and other sensitive sites.
By following the information and suggestions listed above, you’ll have an unprecedented level of security that will help prevent your computer and devices from being hacked. And that’s a comforting thought!