Using Two Factor Authentication
Strong passwords are the necessary first step in prottecting your data. But they are only the beginning.
If you want to ensure that you remain safe, even if your password is stolen, you’ll need a second defense: Two Factor Authentication.
The theory behind Two Factor (also sometimes called Two Step) Authentication is simple: a log in from an unknown or untrusted source requires two different types of verification
- Something you know: your password
- Something you possess: usually your phone
Two Factor Authentication Stops Hackers Before They Get Into Your Account
How does this protect you?
Consider this familiar scenario: the password for your email account was stolen in a data breach. Sadly, you had no idea this happened, and thousands of SPAM messages were sent out under your name in a matter of minutes.
Unless you had Two Factor Authentication enabled.
In that case, even if the hackers have your password, they cannot log in to your email account because they will not know the one time code sent only to your smartphone.
Hack attack foiled.
Setting Up Two Factor Authentication Is Easy
Setting up Two Factor Authentication isn’t difficult. Nor is it especially cumbersome to use.
First, find out if a particular app or service or web site you wish to use supports two factor authentication.
The Two Factor Auth List is a good place to start for a comprehensive overview.
Next, you need to enable Two Factor Authentication for the site. There are actually many possible ways to do this, but in general, the web site will have an option to enable two factor authentication, if it is available, somewhere in its security settings.
Finally, you will receive a text message with a one-time use code you will need to enter on the web site to prove you are you.
At this stage, you are usually able to designate the computer you are using as a trusted source – meaning you will not have to be verified again everytime you log in.
If you primarily use a desktop or notebook computer, congratulations – you are probably done.
If you use a smartphone or tablet, you’ll have to authenticate yourself within particular apps on those devices.
We’ll look at Google as a specific example next, to see how authentication works across platforms as well as how to use something called, “App Specific Passwords” on a mobile device.