Basics of Two Factor Authentication

You most certainly have heard of it and probably use it all the time. Simply put, it’s a method of verifying electronically that it’s “really you.” Unlike many years ago, a single password today is no longer considered secure enough to access most accounts or engage in a transaction. What you need is a second way to verify yourself. That's why many Internet services use two-factor authentication. Sometimes you will see it referred to as 2FA.

Two-factor authentication allows you to securely access an account, a trusted device (like a phone), or a website. You will need to provide two pieces of information. Typically these are a password that you enter and a six-digit verification code that's sent to your phone or other “trusted device.” By entering this code, you're verifying that you are indeed “you.”

According to security analyst Neil J. Rubenking, "there are three generally recognized factors for authentication: something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint). Two-factor means the system is using two of these options."

Biometric scanners for fingerprints, retinas, or faces are increasingly used thanks to innovations such as Apple's Face ID and Windows Hello. But in most cases the second factor is just a numeric code which can only be used once.

You can get that code via text message or a specialized smartphone app called an "authenticator." The leader in this area is Google Authenticator (Android, iOS). Other apps such as Twilio Authy, Duo Mobile, and LastPass Authenticator all do the same thing on mobile and some desktop platforms. Password managers also offer 2FA. The codes provided by the authenticator are synced across your accounts, so, for example, you can scan a QR code on your phone and get the six-digit code through your browser.

A trusted device, for example, would be an iPhone that you've already signed into using two-factor authentication. It’s a device identified as yours that can be used to verify your identity by displaying a verification code from Apple whenever you sign in using a different device or browser. A trusted phone number can also be used to receive verification codes by text message or automated phone call. On most sites, you must verify at least one trusted phone number to use two-factor authentication.

You should also consider verifying an additional phone number that you can access, such as a home phone, or a number used by a family member or close friend. You can use this number as a backup if for some reason you can't access your primary number.

Once you are signed in, you won’t be asked for a verification code on that device again unless you sign out completely, erase the device, or need to change your password for security reasons. When you sign in on the web, you can choose to “trust” your browser, so you won’t be asked for a verification code the next time you sign in from that computer.

To set up two-factor authentication on Apple devices, for example, visit Apple's website:

 https://support.apple.com/en-us/HT204915#setup

