Back to news

Common Types Of Two-Factor Authentication

January 23, 2018    |    Cyber Security    |    Private Tunnel

What is 2FA?

We shop online. We bank online. We work online. We date online. We even do our taxes online. We are willing to send a lot of sensitive information over the internet, and as explained in a recent Forbes article from our CEO, Francis Dinha, COMPANIES ARE FAILING TO PROTECT CONSUMERS ONLINE. This means that we cannot put our trust in them to handle our sensitive information carefully. Time and again, we hear about costly breaches where thousands of individuals have become victims of personal information theft. Individuals must take responsibility for protecting themselves by using something stronger than just a basic password. Everyone should be using two-factor authentication — also known as 2fa or 2 step verification — whenever possible.

How does two factor authentication work?

So what exactly is 2-step verification? And how does two-factor authentication work? 2FA is an extra layer of security, used to verify that the people requesting access to an online account are actually authorized to access it. Dinha explained two-factor authentication as “a second step taken to confirm a process. It can be used to finish an online purchase, gain access to an online account or complete any transaction by verifying your identity.”

There are three common types of two-factor authentication, each of which you’ve probably used at one point or another.

  1. Receiving a code on your smartphone. In this case, a digital code is sent to your smartphone. You then enter that code into the appropriate field online to complete the login or purchase. This is a common way to log in to your Google account, and you can choose whether to store a cookie on your computer so that you don’t have to do this every time you log in.
  2. Email link confirmation. This requires an email sent to your address that includes a confirmation link. Once clicked on, that redirects back to the online page as your final step.
  3. Using a merchant payment system. This is where an online transaction involving a credit or debit card requires users to enter the card details on the merchant’s payment gateway first, and then a one-time password is sent to their cell phone or email address, and that password is used to complete the purchase.

Why Use Two-Factor Authentication?

Look, we get it. 2FA can be annoying, and is often seen as an unnecessary hassle. Why not just use a password and avoid the extra step of clicking this link or entering that verification code?

The fact of the matter is that passwords are just not as effective as they used to be. To be effective, a password has to be a dozen or more characters and a mix of uppercase and lowercase letters, numbers, and symbols. Passwords have to be different for each account and need to be changed to something completely different every couple of months. But that can be a headache, and most people use really simple, easy to remember (AKA easy to guess) passwords, and often use the same password across all their accounts — for years. Sure, there are people out there that are very diligent about keeping secure, unique passwords. But be honest with yourself: are you one of those people? Is your password situation as secure as it needs to be to keep you safe? If you’re like most people, the answer is no.

And no judgment: I will be the first to admit that until recently, my passwords were terrible. When the internet first came to my household, we picked an easy-to-remember password for our shared email account, and that became my password for every single account, for years and years and years. And I wasn’t shy about sharing my password: if someone wanted to use my Netflix account I had no issue providing my login details. But that was a bad idea, because I used those exact login details for my online banking and credit card accounts. It was completely unsafe, but that is a pretty common habit for a lot of people — which is why two-factor authentication is so necessary.

Think of using two-factor authentication like adding a deadbolt to your front door. Someone might steal the key to the doorknob, but if they don’t have the key to your deadbolt, they still can’t get inside. Similarly, with 2FA, if a hacker were to steal your Google login information, they wouldn’t get far if they didn’t also have your smartphone to complete the second authentication step.

Moral of the story: Make sure you set up two-factor authentication whenever you have the option, especially for all the sites where you have sensitive information saved.

Related Posts

Better Safe Than Sorry