Two-Factor Authentication

 

 

Two-factor authentication (2FA) is a security system that requires two separate, distinct forms of identification in order to access something. The first factor is a password and the second commonly includes a text with a code sent to your smartphone or generated by an application on your phone (such as Authy App or Google Authenticator). The second factor may also be a physical device, such as Yubikey, that you plug into a USB port on your computer. Two-factor authentication is designed to prevent unauthorized users from gaining access to an account with nothing more than a stolen password.

Not every web-site or on-line service uses 2FA, and those that do may not support all types of 2FA; but many of the most popular sites and services do support 2FA offering increased security of your accounts. Two Factor Auth has a list of websites and whether or not they support 2FA. A hardware token (Yubikey) is the most secure means of 2FA followed by a software token (Authy App). SMS/Text message is a common 2FA method, but offers less security since SMS may be intercepted (and also requires that you have a cellular/WiFi connection to receive the message).

Whenever possible, and especially on sensitive accounts such as banking and e-mail, set up 2FA. In this way if your password is stolen you still have some security protecting access to your account.

When you activate 2FA on a specific account you are often provided with a recovery code(s) so that you can access your account if you lose your 2FA device (i.e. smartphone or Yubikey). Keep these recovery codes stored in a very secure place. If you lose your 2FA device and don't have a recovery code you will be locked out of your own account.