Two-factor authentication is an important tool to keep your online accounts safe. It’s a jargony term but the process is actually very simple to set up and use.
In a sense it’s a double lock. For instance with an email or social media account the first lock is your password and the second lock is the two-factor authentication code you set up.
Most online services and email providers offer two-factor authentication whether it’s Amazon, eBay, Groupon, Ikea, Facebook, Twitter, WhatsApp, Snapchat, Google and Instagram.
Why it’s important
Passwords are stolen with alarming regularity. You might practise good security but how do you know whether the online retailer that you use offers good protection for your email address and password?
You’d think they would but time and time again we see large organisations being hacked and in the process losing reams of customer data including email addresses and passwords.
- Stolen email addresses are generally put up for sale on the dark web
- Fraudsters buy them up
- Using automated software they then apply the email addresses and passwords to online sites such as eBay, Amazon and whole lot more
- When they get a match they effectively gain access to your account
- If you have credit or debit card details stored with that online account you’re in trouble
- The fraudsters will plunder your account, buying up goods and using the ‘alternative address option have the goods sent to another address
- Don’t bank on the police investigating or bringing the fraudsters to book. There are many examples of the police not investigating because the amounts of money involved don’t hit a certain threshold
Email addresses and social media accounts
Hackers also apply the same approach to email and social media accounts. If they can access these they can:
- Carry out elaborate identity theft
- Trawl your emails for messages that have the potential for financial fraud
- Cause mischief and mayhem in your name
The caped crusader
Two-factor authentication is like the mythical caped crusader (aka Batman) who swoops out of the sky onto the unsuspecting baddies and puts a swift end to their nefarious plots:
- If hackers steal your account details and password and it’s protected by two-factor authentication they can’t do a thing
- If they try and access your accounts the two-factor authentication code will be sent to your mobile phone
- Because they don’t have your phone they won’t be able to access your account
How it works
Here’s how it works:
- Find the ‘enable two-factor authentication’ feature on the service you want to use it for
- It’s typically found in a settings menu and via a drop down menu
- If you’re struggling to discover it simply do an online search such as ‘Facebook enabling two-factor authentication’ and you’ll find the instructions in the blink of an eyelid
- Enter your mobile phone number and receive a confirmation code
- Every time you subsequently log onto the service you’ll be asked for your password as usual
- Once you’ve done this a code will then be texted to the mobile phone number you provided
- You simply enter the code in the field beneath the password to access your online account
- You usually have the option of disabling two-factor authentication. This is useful if you access your online account from a home computer a lot and don’t need to enter the two-factor authentication all the time
Who does 2FA and who doesn’t
Not only does the security industry love jargon it also makes liberal use of acronyms. Therefore two-factor authentication inevitably becomes 2FA.
So if you see ‘2FA’ being bandied about you know what it means.
Even more useful is a website that lists all sorts of apps, services and organisations that offer 2FA ranging from banking to transport, government, gaming, retail and remote access.
Unsurprisingly the site is called Two Factor Auth but if you can get past the name you might find it incredibly useful.
You can access it here
It’s a US-based site so there is a bias towards US-based organisations that provide 2FA but that said, there are plenty on pan-European outfits you will recognise.
A word of warning
- Two-factor authentication is designed to foil hackers and fraudsters who operate remotely.
- However, because the codes are phone-based anyone with access to your phone can unlock the codes
- It isn’t designed to protect you from hackers who have access to your devices
It makes sense
Two-factor authentication is a great tool to put a double lock on your accounts. It’s simple to set up, easy to use and gives you peace of mind.
Of course, 2FA is just one security component but when used with good security software such as BullGuard Internet Security
it provides simple, but effective and robust security to deter even the most avaricious of cyber miscreants.