Last week I mentioned 2FA or “two-factor authentication” regarding password managers. Which can also be called “multi-factor authentication”, “two-step verification”, along with a few more. That article allowed me to receive a few emails asking for a more detailed explanation of 2FA. So, here we go for today.
Click the video below and see how 2FA works.
Two-factor authentication is a security process in which a user provides two separate authentication factors to verify their identity. This allows them to gain access to a resource. Which can be access to online accounts, such as email, financial accounts, social media profiles, and/or banking, reducing the risk of fraud and identity theft. 2FA is usually a combination of a password and a security token received elsewhere. It could also be a password and a biometric factor, such as a fingerprint or facial recognition. The goal of 2FA is to provide an extra layer of security beyond just a password, making it more difficult for an attacker to gain access to sensitive information. In most cases, it means that they have to be present or in possession of your secondary authenticator.
It requires a second form of authentication, such as a code sent to a user’s phone or a fingerprint. This makes it much more difficult for an attacker to gain access to sensitive information. Even if they have gotten the user’s password, they can start the login process, but without that next factor, they cannot get in. It is like having a screen door locked, which you have the key for and can open it. But then, to get through the main door, you have to get your neighbor to come over and open it with another key. But without the time lag.
You will need a phone by itself or with another app. There are many ways to set them up. I suggest Google Authenticator. Visit, ghtech.site/2factor for more details on Google Authenticator. I have used it for many years. It has a small learning curve but is easy once you try it out.
Setting it up for each site is similar. However, the specific steps for setting up 2FA may vary based on the platform or service you’re using. Be sure to follow the instructions provided. I have set up 2FA on Amazon, Dropbox, Facebook, Google, Microsoft, PayPal, and many others. Search online for the site you want to set it up on like this, “set up amazon 2fa” to find out how, or even if, a site has 2FA. Most do.
There are also different ways to set it up. A Google account will allow you to receive a text on your phone, not the most secure way. They also allow you to have a page sent to your phone that has a “yes” or “no” choice if you are trying to log in. They also allow Authentication apps. Google has a wide variety of ways to use 2FA. Most are extremely secure.
Basically, you go to the security settings of the service you want to set up 2FA for, then find the option to enable 2FA. They might give you a QR code. So, if you are using an authentication app, scan the QR code that is provided in the 2FA setup process. Next, enter the verification code it sends you: If you’re using SMS text message, enter your phone number and follow the prompts to receive a verification code. If you’re using an authentication app, you can use the code generated within the app.
Always test the setup before you log out. The sites usually allow another way to access their sites. That can be cumbersome. Then log out and log back in to see how it works. When you log back in, you should be prompted for both your password and the second factor of authentication.
In summary, 2 Factor Authentication provides an added level of security to protect sensitive information and helps prevent unauthorized access to online accounts.