Let’s face it - no one wants to be hacked!! But, beyond a strong,
alpha-numeric password, what more can you do to prevent it??
The answer is two-factor authentication. Also called two-step login,
multi-factor authentication, two-step verification, 2FA and security token,
two-factor authentication means that in order to login to an account, you need
to complete Step 1 (entering a password that you KNOW) and then Step 2
(entering a secret code that you HAVE for a limited time). Enabling two-factor
authentication on your online accounts can greatly reduce your risk of being
hacked as the thief will almost never have your password, fingerprint, cell
phone, etc. at the same time.
Here are some examples of Two-Step Authentication:
This is where you get a
one-time passcode texted to your mobile phone number on file the minute you've
entered your password on the website. You then are prompted to enter the code
received in the text to gain access to the desired account. Often times, the
code is only good for a certain period of time (e.g. 15 minutes) and is only
valid for a one time use (i.e. the next time you login to your account, you’ll
have to get a new code texted to you.)
A second form of two-step
authentication is a security token or key-fob device that generates a unique
passcode every minute or so. (A key-fob is pictured above.)
This form of verification is
where you will be prompted to answer a question, such as your mother’s maiden
name or name of your school in 3rd grade, after
you enter your password. The challenge questions and answers are controlled up
through your profile on the specific website and can be case sensitive.
is another form of multi-factor
authentication. With this, you must have a specific physical device (e.g. an
iPhone 6 connected to your iTunes account) and a biometric passcode (e.g your
fingerprint) before you can use the device to submit electronic payments.
All of the methods highlighted contain at least two of the following factors:
something you ARE (e.g. your fingerprint), something you KNOW (e.g. a challenge
question) and/or something you HAVE (e.g. smartphone.)
To setup two-step logins in minutes on most of your important website accounts,
visit https://twofactorauth.org/ or search for the term “two-factor
authentication” on the website in question. Enabling the second form of
identification is well worth the protection it affords.