Two-Factor Authentication

Are you familiar with two-factor authentication (2FA)? If not, then it’s something useful to learn about for keeping your accounts protected, and you may have already been asked by some sites and apps to start using 2FA.

Two-factor authentication adds an additional step when logging in, so that even if your password is stolen, it’s not enough to get into your accounts.

The second step usually involves an access code sent to the user’s phone or email, uniquely generated each time and required for a successful login. That way, if your password is stolen, it can’t be used to access your accounts as the access code will be sent to you, rather than to whoever is attempting to make fraudulent use of your credentials. This system also warns the account owner if someone is trying to break into their account, so if you suddenly receive an access code without requesting it, you’ll know that you need to change your password.

How often a user must use 2FA can vary, some logins will only require it on a new device, some require it every few weeks, and sometimes it’s every login. Generally, the more serious the purpose of the account, the stricter the 2FA.

In fact, 2FA is so well regarded that Microsoft allows users to ditch their passwords altogether, using just their authenticator app, which is then kept secure by the security features in the user’s phone.

If you have any questions about making use of two-factor authentication, just get in touch.