What Is 2-Factor Authentication and Why Is It So Useful

Think for a moment about the vital information about you someone would have access to if they guess your password. This could expose your banking information, health information, email, and private messages. Passwords have been the primary means of security online since the dawn of the internet age. Yet studies show time and again that for most of us, our passwords are not as secure as they should be. Most passwords can be cracked in six hours or less. We tend to use the same password to protect multiple accounts. And we tend to keep passwords around for years. 47% of us use passwords that are more than five years old. 2-Factor Authentication is a simple tool that could dramatically improve your security today.

Why Passwords Aren’t Enough

To create a secure password, you should put in place ALL the following:

  • More than six characters, preferably at least ten characters
  • Should contain a minimum of one uppercase, one lowercase, one number and one symbol
  • Should not contain consecutive keys on the keyboard or alphabet or numbers
  • Should be unique from every other password you use – no duplicate passwords
  • Should be changed at least every six months to a new unique password you haven’t used yet
  • Should be memorable, but not based on birthdates, easily guessed words, or phrases

And you should do this for every password you create. The average user has 90 passwords to remember for home and work. Is it any wonder then that we often take shortcuts? Far too many people recycle passwords like ‘123456’ or use the same password for multiple sites. It’s likely that once you have set a password, you will not change it unless you are forced to. To make life a little bit easier, you can use a password manager to create and remember your passwords.

The problem is that someone will crack your password at some point. Some website’s security will have a vulnerability and hackers will gain access to every password used on that site. Then all a hacker has to do is run an automated program to try your username and password across thousands of sites online to see which sites it unlocks. Suddenly, your privacy is completely compromised, and someone has access to your online life.

What Is 2-Factor Authentication?

When you type in your username and password on a site, that is single factor authentication. This type of login relies on something that you know – your password. There are other types of authentication techniques. For example, if your phone has a fingerprint reader to unlock the device, that relies on something unique to you – your fingerprint. Many offices rely on yet another form of authentication. To get in the building, you may have to swipe a keycard. This relies on something you have – the keycard.

2-factor authentication uses a combination of two of these types of authentication techniques. This ensures that the person logging in is the right person. One popular form of 2-factor authentication used by Google and others involves something you have. Once you try logging in with a password, a unique code is sent by text message to your phone. This code is good for only a single use and typically expires in just a few minutes. This authentication makes use of something you know, your password, and something you have, your phone.

Other 2-factor authentication efforts may send you a small device needed to log in. This device displays a unique number generated according to a secret algorithm. For this method, to log in, you don’t just need your password, but also the number that small device generates.

In some cases, you may need to provide your password along with a scan of your fingerprint. This means you use your password, along with something unique to you personally, your fingerprint. Other examples of biometrics that can strengthen your password are an eye scan, a face scan and a voiceprint.

In each case, the 2-factor authentication relies on two different methods to confirm that the right person is logging in.

How 2-Factor Authentication Improves Security

As we’ve seen all too many times in the past, a password can be cracked or stolen by a determined hacker. When you use single factor authentication, someone with access to your password can easily log on to your account. When you use 2-factor authentication, a password alone is not enough to break into your information.

Even if a hacker gains access to your password, without access to your second authentication method, they cannot get into your account. Usually this would mean the hacker would either need to have your fingerprint, voiceprint, or something else unique to you. In other cases, the hacker might need access to your phone or the token supplied to provide the unique number code.

With 2-factor authentication, a hacker cannot simply steal your password and get into your account. 2-factor authentication does more than merely double the information necessary to get into your account. In fact, 2-factor authentication makes it exponentially more difficult to gain access to your information.

Potential Weaknesses of a 2-Factor Authentication System

What happens if a thief steals your phone and begins trying to hack your accounts? Unfortunately, with many 2-factor authentication systems, they would receive a text message with the code needed to log in. You can protect against this type of theft by having a good security method for your phone’s lock screen. Your code may not keep a determined thief out forever. But it can give you time to cut off your phone service before he or she could gain access to your accounts.

While biometric data is unique to you, it too carries some risk of hacking. When your phone or other device scans your fingerprint, voiceprint, or other biometric data, it creates a unique code that represents your scan. In essence, this is like an extremely complex password that only you possess. But if a hacker gained access to a site where you had logged in using that scan, they may gain access to that unique code as well.

Ultimately, there is no perfect security system yet. While 2-factor authentication is strong, there are ways a determined thief could work around it to gain access to your accounts. But by protecting yourself with 2-factor authentication, you rule out casual access to your accounts through theft or carelessness. By making your accounts very difficult to get into, you exponentially improve your odds of avoiding an intrusion. Even if perfect security is not possible yet, 2-factor authentication provides a quite simple way of making it nearly impossible to steal your information.

Tech journalist
Tove has been working for VPNoverview since 2017 as a journalist covering cybersecurity and privacy developments. She has broad experience developing rigorous VPN testing procedures and protocols for our VPN review section and has tested dozens of VPNs over the years.
Leave a comment
  1. After some common cold or cough, my voice changes for some time. Can the voice security and password security be of help?

    • If your voice recognition software no longer recognizes you during a cold, having a backup like password security can definitely help. Usually, devices offer this by default. We definitely recommend using other ways of security on top of voice recognition (like proper two-factor authentication, as described above) to make sure you’re always able to access your devices without giving others easy access, as well.
