What exactly is 2-factor authentication? As you understand the growing importance of securing your online accounts, it’s likely you’re hearing about 2-factor authentication more and more. Here’s an explanation of what it is and how you can effectively use it.
By definition, 2-factor authentication is a method by which an institution, website, social media platform or other application verifies your identity beyond the first step of using your password (which should already be a secure password!)
Two-factor authentication (also shortened as 2FA) is an added layer of security to make sure that even if somebody where to steal or crack your password, they still wouldn’t be able to log into your bank, email or other account. When used in conjunction with a good VPN, these added layers of security can dramatically decrease your risk of online identity theft.
In short, it’s a very good security measure and one that I recommend you employ. Below I’d like to give you an idea of how 2-factor authentication works and how you can start using it today.
2-Factor Authentication | Video Explanation
To begin, take a few minutes to watch this 4-minute video showing you exactly what 2-factor authentication is and how to set it up (I used the example of Facebook). Of course, you can just scroll down if you’d rather read through the information.
Get weekly online security tips when you subscribe to VPNVideoReviews on YouTube!
Now, let’s take a moment to break down the most common types of 2-factor authentication being used today.
Different Types of 2-Factor Authentication
When you hear the term “2-factor authentication,” it may be a bit confusing at first. The reason is that this form of security is implemented in a number of different ways.
Let’s take a look at the most popular ways that companies are deploying 2-factor authentication:
1. Text Message
One of the most popular methods of 2-factor authentication is the text message.
Setting up text message 2FA requires you to give the company your phone number and allow them to text you a code when necessary.
Once enabled, text message 2FA goes like this:
- Sign into your account using your password. Instead of logging in, you’ll be directed to a page that asks for an additional code.
- A numeric code will be sent to your phone as a text message.
- Enter this code when prompted to get access to your account.
2. Authenticator App
To set up, you’ll be required to download the app on your phone and scan a QR code. At this point, the process goes like this:
- Sign into your account using your password. You’ll be directed to a page that asks for an additional code.
- Open Google Authenticator and find the 6-digit code.
- Enter that code when prompted to get access to your account.
3. Security Keys
The newest method of 2-factor authentication is the security key (see my look at the Google Titan Security Key). While it’s common within tech companies to use security keys, it’s only recently become available to the masses.
Setup for security keys is a bit more technical, but once complete, it makes life much easier. The process is simplified to look like this:
- Sign into your account using your password.
- As long as you have your security key on your keychain (for phones) or plugged into your USB port, you’ll immediately get access. No need for codes or additional steps.
No matter which method you choose, the outcome should be the same: the only way that somebody can hack your account is if they steal both your password and your phone.
It’s not foolproof, but it’s certainly the next step of added security for your important accounts.
Recommended Uses for 2-Factor Authentication (TODAY!)
The 2-Factor Authentication method is being used by a growing number of companies including financial institutions, social media platforms and many other online applications.
Unfortunately, I can’t list every single website and application that uses 2-factor authentication (that list would be way too long).
However, I’d like to give you a list of the most important areas where you should consider using 2-factor authentication today.
- Your Email: Set aside time to enable 2-factor authentication for your email before it’s too late. This added layer of security is available for Gmail, Hotmail, Yahoo, Office 365 and others. If your email service provider doesn’t offer 2-factor authentication, honestly, it’s time to start migrating to a new email.
- Your Financial Institution: Unless you still live in the stone age, you probably manage your bank account online. All major banks allow – and even encourage – their customers to enable 2-factor authentication. Go into your security profile and set it up.
- Your Social Media Platforms: Whether you use Facebook, Twitter, Pinterest, Instagram or others, it’s possible to enable 2-factor authentication on all of them. The biggest hurdle is figuring out how to turn it on, which usually requires users to go into their account’s advanced settings.
- Wherever You Store Sensitive Data: Do you host websites? Do you upload documents to Dropbox or Evernote? Think about areas of your online existence where a stolen password could be a big problem. Most of the time, these services will offer 2-factor authentication. If they don’t, I suggest you find an alternative service.
Annoyance is the New Standard of Security
Here’s a quick tip for you.
In a world where we value convenience and expediency, annoyance is the new standard of security.
What do I mean by that? Well, if I’m really honest, I have to say that it’s extremely annoying to have to wait for a text message or log into Google Authenticator just so that I can check my account balance at my bank. It’s annoying when all I want to do is check my email on my computer.
The desire to eliminate those annoyances is exactly what is going to make you vulnerable with your online security.
Yes, 2-factor authentication can be annoying. Hopefully, adoption of the security keys will grow, making this authentication much easier.
In the meantime, I highly suggest you swallow your frustration and endure the annoyance. It’s the new standard of security.
Final Thoughts | 2-Factor Authentication
If you’re reading this right now and you haven’t yet enabled 2-factor authentication, please stop and do that right now.
Take advantage of this extra layer of security for your email, banking, social media and online data storage. It only takes a few minutes to set up and it could make a world of difference for you online.
Remember, though: this is an added layer of security. You still need to make sure that you’re creating secure passwords for your accounts and if you’re connecting to public wi-fi (coffee shop, airport, etc.), make sure that you use a VPN to encrypt your data.