Two-factor authentication is an easy win for your online account security and here’s why.
As we recently explained in our blog about password managers having unique passwords for all of your online accounts isn’t such a difficult task, even for a large business or enterprise, but how can you add extra security on top of that?
Even with unique passwords and a password manager, your accounts could still be accessed by malicious individuals through no fault of your own: your login information could be stolen directly from the website itself.
Two-factor authentication (2FA), sometimes called multi-factor authentication, is a simple and highly effective way of increasing the security of your online accounts and mitigating the risk to highly secure business logins which still require a username and password.
2FA generally uses one of three methods, a physical token, an SMS, or an app, to generate a code which you’ll be asked to enter when you try to login.
Jake Moore, ESET Security Specialist, explains the merits of using two-factor authentication with as many websites and accounts as possible.
“One of the ways of adding an extra layer of security to your normal logins is by using multi or two factor authentication.
“This takes something you know (your username and password or pin) and something you have (a phone or hard token device) this enables you to generate a code that is entered after you use your username and password.
“This code is only usable once and generally becomes invalid after a short period of time.
“That way even if someone does obtain your username and password they are unable to guess the random generated code and unable to access your account, giving you time to change your compromised password.”
Of course 2FA isn’t infallible, there are ways that someone determined enough could circumvent it but for the few seconds extra it’ll take you to login it’s well worth putting it on as many accounts as possible.
If you’re curious which websites do or don’t offer a form of 2FA, you can check this list provided by Two Factor Auth List.
Do you already use 2FA? How many accounts do you protect with it? Let us know on Twitter or LinkedIn.