Every day we authenticate ourselves on a variety of services. We login to our email, social networks, and bank accounts using information that hopefully only we know. But, what if there was a way to add another form of authentication to our accounts? Well, as it turns out there is. It’s called two-factor authentication and if you aren’t already using it hopefully by the end of this post you’ll be considering it.
First let’s get some terminology in. Authentication, by definition, is the process of proving or showing that something is genuine. In the case of an online account we are trying to authenticate our identity. There are 3 main forms of authentication. The first is something you know. An example of something you know would be a password. The second is something you have. Your smartphone or your email address is something that you have. The third form of authentication is something that you are. This could be a fingerprint or an iris scan.
In a normal login scenario, the system would use the “something you know” form of authentication, in this case your password. When we add two-factor authentication into the mix the system would ask for an additional form of authentication. The easiest and most popular way to use two-factor authentication is the “something you have” form. In our example of a standard login scenario, the system may send an email or text message with a code to verify that you are indeed who you say you are.
There is another option than just email and SMS messages for two-factor authentication. This would be a two-factor authentication app. Microsoft authenticator and Google authenticator are both fantastic apps, that make two-factor authentication quick and easy. When your account is setup to use an app to authenticate, it will ask for a code that you can get by simply opening up the app. There are some services that will even send a push notification through the app that you can approve with the touch of a button.
In closing, I want to say that although two-factor authentication is not the surefire way to make sure that your accounts stay secure, it certainly helps. Even if someone managed to get the password of an account with two-factor authentication enabled, they would still need to have access to your email or phone to get in. For more security and IT tips, stay tuned to our blog. We will be posting more helpful information to make your digital life easier.