Let’s face it - no one wants to be hacked!! But, beyond a strong, alpha-numeric password, what more can you do to prevent it??

The answer is two-factor authentication. Also called two-step login, multi-factor authentication, two-step verification, 2FA and security token, two-factor authentication means that in order to login to an account, you need to complete Step 1 (entering a password that you KNOW) and then Step 2 (entering a secret code that you HAVE for a limited time). Enabling two-factor authentication on your online accounts can greatly reduce your risk of being hacked as the thief will almost never have your password, fingerprint, cell phone, etc. at the same time.

Here are some examples of Two-Step Authentication:

  1. 2 Factor Authentication

    Text verification.

    This is where you get a one-time passcode texted to your mobile phone number on file the minute you've entered your password on the website. You then are prompted to enter the code received in the text to gain access to the desired account. Often times, the code is only good for a certain period of time (e.g. 15 minutes) and is only valid for a one time use (i.e. the next time you login to your account, you’ll have to get a new code texted to you.)

  2. Security token.

    A second form of two-step authentication is a security token or key-fob device that generates a unique passcode every minute or so. (A key-fob is pictured above.)

  3. Challenge question.

    This form of verification is where you will be prompted to answer a question, such as your mother’s maiden name or name of your school in 3rd grade, after you enter your password. The challenge questions and answers are controlled up through your profile on the specific website and can be case sensitive.

  4. Apple Pay

    is another form of multi-factor authentication. With this, you must have a specific physical device (e.g. an iPhone 6 connected to your iTunes account) and a biometric passcode (e.g your fingerprint) before you can use the device to submit electronic payments.

All of the methods highlighted contain at least two of the following factors: something you ARE (e.g. your fingerprint), something you KNOW (e.g. a challenge question) and/or something you HAVE (e.g. smartphone.)

To setup two-step logins in minutes on most of your important website accounts, visit https://twofactorauth.org/ or search for the term “two-factor authentication” on the website in question. Enabling the second form of identification is well worth the protection it affords.