Everything You Need to Know About Two-Factor Authentication and How to Use it

Learn how 2FA works


There is a way to make your login more of a challenge to hack. With the help of two-factor authentication (or 2FA), you add another layer of protection to your account. So instead of an account only requiring a username and password, it requires a username, a password, and a 2FA code.

2FA is also known as two step authentication or two step verification.

What is Two Factor Authentication

When you log into a website, you are asked for a username and a password. Once you enter both of those pieces of information correctly, you are allowed into your account. It’s easy, common, and what everyone is used to. It’s also insecure.

Two factor authentication helps secure your login with a second code you need to obtain before you can truly log in.

Even if your password is "$jI1!~0l*_aBk", it can eventually be cracked. This is made especially easy considering so many people don’t bother using really challenging passwords for their accounts. Using some readily available tools, a password can be cracked quickly, so it's best to be as secure as possible.

How 2FA Works

How 2FA works is actually quite simple:

  1. You point a web browser to an account you want to use.

  2. You enter your username and password.

  3. You are then either prompted for a 2FA code (which you retrieve from an app) or to generate a 2FA code (which is sent to your phone, via SMS text).

  4. Once you’ve entered the proper 2FA code, you will be allowed entry into your account.

If you do not have a code for your account, you will not be allowed access. This is why 2FA is an important additional step for security. Each code is time-based. You only have, typically, 30 seconds to use a code before it is no longer valid. And once a code has been used, it cannot be used again. So even if a hacker has your username and password, without the ability to get an associated 2FA code, they cannot access your account.
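The time-based, single-use behaviour described above, as an added example that is not from the original article: a sketch of the TOTP algorithm (RFC 6238) that authenticator apps commonly implement, with a server-side check that rejects an expired or already-used code. The article does not name the algorithm; the 6-digit length, SHA-1, the `TotpVerifier` class and the sample secret are assumptions.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds a code stays valid (the article's "typically, 30 seconds")
DIGITS = 6   # code length; assumption, the common authenticator-app default


def totp(secret_b32: str, now: float) -> str:
    """Compute the RFC 6238 code for the 30-second window containing `now`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(now) // STEP)    # window number, 8 bytes
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class TotpVerifier:
    """Hypothetical server-side check: code must match the current window and be unused."""

    def __init__(self, secret_b32: str):
        self.secret = secret_b32
        self.last_used_step = -1    # highest time window already accepted

    def verify(self, code: str, now: float) -> bool:
        step = int(now) // STEP
        if step <= self.last_used_step:
            return False            # a code was already accepted in this window
        expected = totp(self.secret, now)
        # Constant-time comparison avoids leaking how many digits matched.
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False            # wrong code, or a code from an expired window
        self.last_used_step = step
        return True


# Constructed sample secret: base32 of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    server = TotpVerifier(SAMPLE_SECRET)
    code = totp(SAMPLE_SECRET, 59)             # what the app shows at t=59s
    print(code, server.verify(code, 59))       # first use is accepted
    print(code, server.verify(code, 59))       # same code again is rejected
    print(code, server.verify(code, 60))       # next window: code has expired
```

Real services often also accept the adjacent window to tolerate clock drift and rate-limit failed attempts; both are left out here to keep the sketch to the two properties the article describes.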

Getting 2FA Codes

This is the crux of the issue … how to get 2FA codes. There are two different methods, one of which is more secure than the other. The two methods are a 2FA app and SMS text messages.

How the codes work is simple:

  1. You enable 2FA authentication for your online account.

  2. You select the method of 2FA to be used (if applicable—as some accounts only offer one method).

  3. If you choose the 2FA app method, you then add the account to the app and, when you need a code, retrieve it from the 2FA app you’ve installed.

  4. If you choose the SMS text method, you then associate your account with your phone number and, when you need a code, it will be sent, as a text, to your phone.

Of the two methods, the 2FA app route is the more secure. Why? Because SMS text messages can be intercepted. In other words, if a hacker knows your username, your password, and your phone number, they can (using specific tools) intercept the transmission of the SMS 2FA code and then use it to gain access to your account. Because of this, it is always best to go the 2FA app route whenever possible.

So unless you’re using a password of 12 characters that includes special characters (such as #, $, _, -, *), your password can be cracked with enough persistence.

The Caveats to 2FA

There is really only one issue with using 2FA for your accounts … convenience. Because you will be required to enter a third piece of information to gain access to your account, it requires that you type a bit more. You will also have to have your mobile phone at the ready (so you can retrieve the necessary 2FA code).

Adding this extra layer of security is well worth the inconvenience. Although 2FA isn’t perfect, it is considerably more secure than an account protected only by a username and password.