What Is Two-Factor Authentication?

A quick and easy way to make your accounts more secure.

Passwords aren’t as nearly as effective as they used to be. Data breaches continue to leak passwords and new software is making password guessing and brute-forcing (a type of attack that works just like it sounds) simpler. And because people are overwhelmed by the number of passwords they have to manage, many tend to either reuse or use simple passwords. 

The net result is that accounts now require more than just passwords to stay secure. Enter two-factor authentication, or 2FA (also known as multi-factor authentication, or MFA). Here’s how it works.

When an account requires just a password, that’s a single factor used to authenticate access to the account. Pretty simple.

2FA asks for an additional factor to authenticate a user. However, the factor has to be a different kind of authentication than simply another password. Requiring two different passwords isn’t a form of 2FA because, as passwords, they each have the same vulnerability. The same goes for security questions.

As a general rule of thumb, authentication comes in three different forms:

  • Something you know (like passwords).
  • Something you have (like a cell phone that can receive a code)
  • Something you are (your fingerprint).

This layered form of authentication makes it much harder—though not impossible—for hackers to get into your accounts because even if they have your password, they aren’t likely to have your cell phone or fingerprints.

Google research has shown that even the ‘weakest’ form of 2FA, SMS 2FA, where the service texts you a code to your cell phone, blocks 100% of automated attacks and 96% of bulk phishing attacks.

If you see an option to enable 2FA or MFA on your accounts, you should do it. It’s worth the extra step to make your accounts vastly more secure.

Photo by Dima Pechurin on Unsplash

Show More
Back to top button