Have you got the 2 Factor (Authentication)?
Two-factor authentication (2FA) is a quick and easy way to boost security for your important accounts.
From keeping important emails safe to securing your online banking, this process could save you from a serious security breach.
But what is 2FA and how does it work?
‘Double Checking’ who you are
2FA provides an extra layer of security to ‘double-check’ that you are the person you are claiming to be.
It’s a service that is mainly used for banking, emails and social media. It is available on most major online services and it’s pretty easy to take the time to set up.
When setting up 2FA, the service will ask you to provide a ‘second factor’. This tends to be something that only you can access.
Normally this is sent as a code to your mobile phone, or that has been created by an app.
So why should I bother?
A report in the Guardian on April 2019, reported that 42% of people expect to lose money through internet fraud by 2020.
Obviously the longer the password, the more difficult it becomes for a cybercriminal to crack. However, providing the ‘second factor’ means it becomes even more difficult for access to be gained.
Accounts that have been set up to use 2FA require an extra check, so even if a criminal knows your password, they won’t be able to access your account.
The National Cyber Security Centre in the UK recommends that you set up 2FA on your ‘important’ accounts. These are typically ‘high value’ accounts that protect things that you care about.
How do I set 2FA up?
Some online services have 2FA switched on. However, some don’t so you will need to switch it on yourself.
If available, the option to switch 2FA on is usually found in the security settings of your account (it could be called two-step verification).
If you need additional help in setting up 2FA, the website Telesign has steps on how to do this for many major sites.
How does it work?
When 2FA is switched, you’ll need to provide a ‘second factor’ to access your account.
There are several types available and include:
- Text message: The most popular method is through your mobile phone. By providing your mobile number, the service would normally send a text containing a code. This code is then inputted to provide an extra layer of security. On occasions, some services use a voice message if you find this easier.
- Authenticator Apps: Google (Authenticator) and Microsoft (Authenticator) both provide apps on mobile phones that add extra security. Installing one of these on your phone acts as another security layer. These apps offer lots of advantages over text messages, such as not needing a mobile signal, or having to wait for a text message to arrive.
But 2FA isn’t available, what should I do?
2FA isn’t always available. The National Cyber Security Centre want it to be made available on all services which might hold your data or spend money.
As a general rule, any service that doesn’t support 2FA, a strong unique password is required.
Using random letters, numbers and symbols to create these passwords make it harder for a cybercriminal to break.
You may want to even consider switching to a like-for-like service that does offer 2FA.
If you require stronger protection that just two-factor authentication, why not use it as part of a larger IT security package?