Defense Against The Dark Arts (Of Data Theft): Two-Factor Authentication

With many high-profile digital security breaches in the news lately, such as Target’s credit card snafu and the hacking of Snapchat, accessing anything on the internet can seem like a perilous activity. Fortunately, there is a simple step (or two) that you can take to immediately and drastically decrease your chances of having data compromised. It’s called Two-Factor Authentication, and it’s already been adopted as a standard security measure. By learning about and utilizing Two-Factor Authentication (hereafter abbreviated “2FA”), you will add a layer of security to your online activity that is nearly impossible to circumvent.

You actually already use 2FA whenever you make a transaction at an ATM. You prove your identity to the ATM by inserting your debit card (the first factor), and then entering a PIN (the second factor). If one of these two factors is missing, the ATM will not allow access to your account. 2FA on the Internet works in much the same way. You’re already familiar with logging into your accounts with a username and password, but with 2FA, there is an additional code you must enter after you authenticate with your password. The code is generated in one of two ways. You can run an app on your smartphone, such as Google Authenticator or Authy, which provides a new code for each of your accounts every 30 seconds. If you don’t want to use a third-party app, many accounts can have a code sent via SMS to your cell phone (you don’t even need a smartphone for this). So as long as you have your phone with you, you’ll be able to access your account, and anyone who does not have access to your phone will be kept out even if they know your username and password.
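How an authenticator app and a server can agree on a 30-second code without talking to each other, shown as an added example that is not part of the original post. It assumes the TOTP algorithm (RFC 6238, HMAC-SHA1) that apps such as Google Authenticator implement; `SECRET` is the RFC's published test key, and `verify` with its `last_used_counter` and `drift` parameters is a hypothetical server-side helper.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for
DIGITS = 6   # length of the code the user types

# Constructed input: the published RFC 4226/6238 test key, not a real account secret.
SECRET = b"12345678901234567890"


def totp(secret: bytes, unix_time: int) -> str:
    """Code for the 30-second window that contains unix_time."""
    counter = unix_time // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret, submitted, unix_time, last_used_counter=None, drift=1):
    """Server-side check (assumed design): return the matched window, or None.

    Accepts `drift` windows either side of now to tolerate clock skew, and
    refuses any window at or before the last accepted one so that a code
    someone has observed cannot be replayed.
    """
    now = unix_time // STEP
    for counter in range(now - drift, now + drift + 1):
        if last_used_counter is not None and counter <= last_used_counter:
            continue
        expected = totp(secret, counter * STEP)
        if hmac.compare_digest(expected, submitted):  # constant-time compare
            return counter
    return None


if __name__ == "__main__":
    code = totp(SECRET, 59)
    print("code at t=59:", code)
    print("accepted 30 s later:", verify(SECRET, code, 89))
    print("accepted 90 s later:", verify(SECRET, code, 149))
    print("replayed after use:", verify(SECRET, code, 59, last_used_counter=1))
```

The shared secret never crosses the network at login time; only the short-lived code does, which is why a stolen password alone is not enough.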

Now you may ask: What happens if I lose my phone, it breaks, or it is stolen? Well, when you set up 2FA, you’ll be asked to write down one or more backup codes. The backup codes should be kept in a safe place like your sock drawer. They will work should you need to log into your account without having access to your phone.

How do I set up 2FA and which accounts should I use it with? Many accounts now support some form of 2FA, including most Banking & Investment accounts, GMail, Yahoo, Facebook, Twitter, Evernote, LinkedIn, eBay, Dropbox, Apple, and WordPress, just to name a few. If you’re not sure if a service has 2FA, go into your account settings and look under the Security section. You may be surprised how many services have added this protection.

Many people find this extra layer of security to be a major hassle. I will admit that looking at my phone and entering a 6-digit code every time I want to log into Gmail or Twitter can be annoying. Most services allow you to whitelist a trusted device for a predetermined amount of time so that you don’t have to keep entering the codes on that device. Additionally, I would argue that the aggravation of having to enter an extra authentication code for each login pales in comparison to the aggravation of having your bank account or credit card compromised. So until one-swipe fingerprint logins are a reality, I’ll stick with 2FA for every account that supports it.

