Two-Factor Authentication

My last post discussed the need for using unique and strong passwords for your online accounts. Unfortunately, even a strong password may not completely protect your online accounts, because passwords aren't as secure as they used to be, not to mention the growing number of data breaches that are occurring nowadays. If someone gets your password, they have the potential to access your accounts. Two-factor authentication helps solve this problem.

Two-factor authentication (2FA) is a simple process you can do to ensure that your online accounts don't get compromised. Essentially, two-factor authentication asks you for an additional requirement on top of your password. Another way to look at it is that two-factor authentication requires both something you know (password) and something you physically have (phone or biometrics).

For example, when you enter only your username and one password, that's considered single-factor authentication. However, with 2FA enabled, when you enter your password, you'll get prompted to enter an additional alphanumeric code. This additional code is generally sent to your phone via a text message or generated using an authentication app installed on your phone, and only after you enter it will you be granted access to your account. So if someone learns your password, they will not be able to access anything without being able to generate and enter a code.

If you want to take 2FA a step further (like me), you can also utilize a Fast Identity Online (FIDO) Universal 2nd Factor (U2F) security key. Instead of requiring a randomly generated code in addition to your password, U2F utilizes a physical key that you insert into the USB port on your computer. After successfully authenticating with a username and password, the user is prompted to insert their U2F security key. Next, the user inserts the U2F security key and presses the button on it. Once validated, the user is logged into their online account. Simple.

Furthermore, because successful authentication relies on interaction with the U2F key, U2F is helpful in protecting against common attacks like session hijacking, man-in-the-middle attacks, and other malware. In addition to a security key, all that is required is a supported web browser, such as Google Chrome, and a computer running Windows, Mac OS X, Linux, or Chrome OS (Chromebooks).

Yes, 2FA can be kind of a pain at times (especially when you get a new computer), but with the growing number of data breaches and other stuff going on in the world of cybersecurity, I feel a lot better having it enabled on the services (e.g. Google, Microsoft, Apple, Dropbox, LinkedIn, Twitter, Facebook and Amazon) that support it.