The Importance of 2 Factor Authentication
This post was updated in March 2020
In this day and age, nearly everything we do in our day-to-day life is done digitally. This includes most of our banking, accounting, social interacting, and even dating. With so much of our personal information hanging out there in the cloud, sometimes a flimsy password isn’t sufficient when it comes to keeping that information private.
This is especially true if you’re like me and you only have one password that you alter here and there to adhere to different password requirements. This can be particularly dangerous with the major increase in hacking technology that has occurred over recent years. Common practices like my one-password-fits-all method or the ever helpful (yet horribly unsafe) notebook that holds every password you’ve ever created in one spot are not the only “weak links” when it comes to online security.
Hackers are able to glean information from your social networking sites and email address that help them guess your passwords without having ever met you. Identity theft is an everyday occurrence in our society, and simply making your password more complex and unique isn’t going to cut it. That is why so many large companies like Google and Apple have recently introduced Two Factor Authentication, or 2FA.
What is 2FA?
Essentially, Two Factor Authentication is an extra layer of security that surpasses the single requirement for a username and password and adds an additional step that involves something that the user, and only the user, has available to them. This is usually a piece of information only they should know or have immediately on hand, such as a security question or token that provides a randomized code. Google gives you the option to input a phone number as the second part of 2FA setup so it can send you a 5 digit code via either text message or a phone call. Many banks provide tokens to larger institutions that you will have to have on hand whenever you log in that will generate a unique code for you to enter. Having these secondary fail-safe measures in place will allow you to sleep comfortably knowing your personal (and professional) information is well guarded.
How it Works
The primary goal of 2FA is to make it harder for potential intruders to gain access to your personal data or identity. Since it’s an extra layer of security, you’ll always be the only person who can access your account, regardless of who else knows your password (though we do not recommend shouting it from the rooftop.) The setup process is going to vary from software to software, but typically when you go to sign into your account you’ll be prompted to provide a few pieces of information, usually your password and a phone number. Whenever you log into a new computer, you’ll input your password and a code that will either be sent to your phone or obtained through some other manner. In some cases, once you’re signed in you won’t be asked for another verification code on that device for 30 days unless you sign out completely, erase the device, or have to change your password for security reasons.
Why Use It?
When it comes down to it, Two Factor Authentication is practical. For ages, a simple password has sufficed for protection, but a quick google search of the most commonly used passwords will yield results such as “password” or “1234”, proving that this method simply isn’t secure enough. Passwords are stolen often, and not simply from people who have physical access to your space. There are a variety of social engineering techniques that a random stranger could utilize to guess your password. There are also viruses and malicious code that trick you into offering the information of your own accord. By simply enforcing another step into the login process, you remove the pressure put on your flimsy password and make your software more secure.
Keep in mind that even with Two Factor Authentication, you could still be at risk. However, the amount of protection 2FA provides is well worth the extra few clicks it takes to set up. For more tips on how to further your increase in security, read our blog about Payroll Security.