What is Two-Factor Authentication? Guide and Benefits.
If you’ve read any of our handy guides explaining what to do if you suspect someone has hacked your online accounts, such as Yahoo, Facebook, Dropbox, or others, you’ve probably noticed that we always recommend you enhance account security by setting up two-factor authentication, also referred to as 2fa or two-step verification or multi factor authentication.
This security measure has been widely adopted by some of the most popular online services and is usually an opt-in feature (meaning it’s up to you whether or not you choose to use it).
Trying to wrap your head around how it works? Not sure if you should use it?
You’ve come to the right place.
This article will explain everything. When you’re done reading, you’ll see that this feature doesn’t just make your accounts much more secure, but it’s also easy to understand and simple to implement.
So, what is Two-Factor Authentication?
As its name indicates, two-factor authentication focuses on the authentication process, one of the most crucial aspects of account security.
This process keeps unauthorized people out of your accounts and personal information.
When you go to any of your accounts, unless the site “remembers” you, you are asked to provide your credentials.
This is how you authenticate yourself, telling the site, “This is me, and here’s my password to prove it.” For many years, this type of security was enough to verify your identity and determine whether to allow you access to your account.
Why do you need Two-Factor Authentication?
Unfortunately, username plus password just doesn’t cut it anymore.
Instead of targeting service providers, hacking into their networks to get access to consumer data, criminals are targeting the consumers themselves.
Through phishing, which involves the use of fake sites that masquerade as legitimate services, and malware that logs all data from the victim’s computer, cybercriminals are obtaining usernames and passwords.
With these in hand, the bad guys can easily access your account.
And adding more security questions doesn’t help either, since criminals can add those questions to their phishing sites or harvest the information using the same malware.
All of these security questions and requirements involve what the user knows, and if the user knows it, cybercriminals can find it out.
That’s why two-factor authentication is so useful: It’s not just about what the user knows, but what the user has in hand.
How does Two-Factor Authentication work?
With two-factor authentication, users have to prove that they are using a certain device and that the device is in their possession.
How do you prove this? If it’s a mobile phone, the service sends a text message to your phone with a code that’s different every time you log in.
To gain entry to the site/app, you’ll then need to enter that unique code.
This way, you’re not just saying “this is me and here’s my password to prove it,” but also, “I have my unique code with me and here it is to prove it.”
Extra security making you super safe.
Yes, you need Two-Factor Authentication.
Do we recommend setting up two-factor authentication? Absolutely. Like, totally, always and 100% of the time.
While it can be annoying to take this extra step every time you log in to an account, it dramatically improves your account’s security and protects your personal information.
Like we said, username and password just don’t cut it anymore.
How to activate Two-Factor Authentication in the major accounts?
Enable two-step verification by going here.
With two-step verification, Google will require that you enter a unique code that will appear on the “Google Authenticator” app on your mobile, providing you with an important and effective extra layer of security. You can use a “Remember me” option to disable this step for any device, such as your laptop or smartphone, that you use regularly, which will maintain this extra security layer only on unknown devices.
To enable two-step verification in Facebook go to your Facebook Security page. Under “Login Approvals,” check the box to require a security code to access your account from unknown browsers.
To enable two-step verification in Dropbox, visit the Security page and click “Enable” under Two-step verification at the top of the page:
To enable two-step verification in Yahoo, simply click on the button to the right of the “Two-step verification” option on the Account Security page:
Go to your Twitter Security and Privacy page, which can be found on the right-side menu on the Settings page. Once there, activate login verification.
With login verification enabled, Twitter will send a message to either your phone or Twitter app based on your selection, requiring that you approve any new devices that are trying to access your account.
Click on the cog icon on the top right of the app’s profile screen, then click on Login Verification and follow the steps.
With login verification enabled, Snapchat will require you to provide a one-time password when logging in to the app from unknown devices.