What Is Two-Factor Authentication?
It’s like a cybersecurity blanket for your personal data
You’re trying to get on Facebook, maybe to post your latest selfie or check in at a venue. You've already entered your password, but the app is asking you to retrieve a code and enter that, too.
This is an example of two-factor authentication, and while it’s admittedly a pain, it's essential to safeguarding yourself from cybercriminals and Internet fraud.
Two-factor authentication, also known as 2FA or two-step verification, helps keep your online accounts secure by adding a second level of protection, according to the Federal Bureau of Investigation (FBI).
Without 2FA, a hacker could gain access with just your password, which the FBI says is easier to obtain than you might think. But with 2FA, the hacker needs another element, making his task significantly harder, according to the U.S. Computer Emergency and Readiness Team (US-CERT).
2FA works by requiring two out of three “factors” to verify your identity:
- Something you know, like a password or PIN or the answer to a security question
- Something you have, like a dynamic token or code
- Something you are, like your fingerprint, voiceprint or other biometric
While a hacker might be able to guess or find your PIN or the answer to your security question, the other factor in 2FA is much harder to come by. Dynamic tokens generate new codes at regular intervals. Codes may also be sent to you via text message or phone call.
Two-factor authentication has been around since the mid-1980s, but more and more companies and organizations are using it now.
The FBI recommends using 2FA wherever it’s offered.
Enabling 2FA is especially important when you bank or shop online, since your banking or credit card information could be at stake. By using 2FA for online transactions, the National Cyber Security Alliance says, you can confirm it’s actually you who’s making the purchase, before any money gets moved around.
How do you implement 2FA? Begin by searching the settings of your online accounts. The procedure is a bit different for each. If you don't know how or can't figure out whether 2FA is offered, the FBI advises contacting customer support.
Even if you turn on 2FA, stay vigilant. Using it doesn't give you license to be careless with your password, the FBI says. Continue to follow password best practices, such as by making your passwords long and difficult to guess, using different passwords for each account and changing them frequently.
Related: Is Your Mobile Wallet Secure?
Like this article? Share it with friends by clicking the Facebook or Twitter button below. And don't forget to visit our Facebook page!