Did you know that the biggest data breach in history was the 2014 breach of Yahoo accounts? It is believed that the hackers gained access to the names, phone numbers, password challenge questions and answers, and even recovery email accounts of three billion users. The good news is that account security has improved significantly since then. The trouble is that many of us don’t make use of the extra layers of protection and still just use a simple password to log into all our accounts. At the very least, we should be using two factor authentication 2FA to make our accounts far safer.
If you’re not sure what 2FA is or how it works then read on to learn more.
What Is Two-Factor Authentication (2FA)?
When you sign in to an account using just a password, you’re only using a single method to prove that it’s really you trying to sign in, and not a hacker.
The trouble with this method is that if someone gets hold of your password, it’s all too easy for them to sign in to your account. If your password has been exposed in a data breach and you use that same password for multiple accounts, then all of your accounts could be at risk.
Two-factor authentication requires that you provide two methods of authentication before you can sign in to your account. That means that if someone doesn’t have the second method of authentication, they can’t access your account, even if they have your password.
How Does It Work?
By requiring at least two different methods of authentication, the chance of someone else being able to sign in to your accounts is reduced significantly. For example, if someone has your password, but doesn’t have your phone to generate a login code on an authentication app, then they won’t be able to sign in to your account.
There are three main types of authentication that can be used.
Knowledge
Knowledge-based authentication uses information that (hopefully!) is known only to you. This could be a password, a PIN number, the answers to security questions, a specific swipe pattern on your phone, or other methods.
As we have already seen, using these knowledge methods alone is only secure when no one else has the same knowledge. If your password is hacked and posted online, (as is often the case with data breaches) then that private knowledge becomes common knowledge.
Possession
Possession-based authentication requires you to have possession of a specific item. The most common forms of possession-based authentication make use of the fact that we usually have our phones with us most of the time.
By sending a code to a phone, or using a two-factor authentication app that is linked to your specific phone, it means that only the person in possession of your phone would be able to sign in to your account.
There are other forms of possession-based authentication aside from phones, such as ID cards or standalone login code generators.
Biometric
The third form of authentication is biometric-based authentication. This makes use of the unique features of your own person, which are hard to duplicate or hack.
Many of us are accustomed to using biometric-based authentication; you may log in to your mobile phone by using your fingerprint, or your face. There are plenty of other methods of biometric authentication; you can use voice recognition or iris-scanning technology for example.
Where Should I Use 2FA?
As you can see, by requiring multiple forms of authentication in order to access your accounts, two-factor authentication makes your accounts more secure.
Now that you know how it works, you may be wondering where you should be using it. Well, the short answer is: everywhere possible! The following are the best places to start.
Password Managers
Probably the first thing you should protect with 2FA is your online password manager.
A password manager allows you to save complex passwords for all your accounts with no need for you to remember them all. Since this allows you to use passwords that are much harder to guess or crack, your accounts are already much safer. This is something we would always recommend for businesses; you can look into using a team password manager for enterprise password management.
By setting up 2FA for your password manager, your passwords will be even more secure.
Email Accounts
Email accounts are very popular amongst hackers. Once you hack an account, you can scrape it for useful information to access bank accounts, and even use the account for sending out spam.
Most good email accounts will allow you to set up 2FA on your account.
Banking
Your banking app should offer 2FA but not all of them oblige you to set it up.
If you don’t have 2FA on your banking apps, set it up as soon as possible; a password is nowhere near enough protection for your bank account.
Shopping
Online shopping has been one of the big success stories of the pandemic. The problem is that these accounts usually store your card details for later use. That means if someone can access your Amazon account, for example, they can steal your card details.
Set up 2FA to keep these accounts safe.
Social Media
Social media accounts are another favorite of hackers. Even Donald Trump’s official Twitter account was hacked, but this may be because he was using the incredibly easy-to-guess password “maga2020!”
If the former president had set up 2FA for his Twitter account, the embarrassing hack might not have happened.
Say Hello to Passwordless Login
Are you looking for a simple way to manage two-factor authentication (2FA) without having to create or remember passwords? If so, we’re here to help.
LogMeOnce Password Manager allows you to use award-winning passwordless authentication that has automatic two-factor authentication built-in. LogMeOnce includes multiple passwordless options, including PhotoLogin, Face ID, fingerprint access, and pin codes, as well as password access.
LogMeOnce offers single-sign-in to all of your apps and accounts, so you don’t have to worry about trying to remember which 2FA method you’re supposed to use with which account.
Sign up today for free.