2-Factor Authentication. Stopping hackers in their tracks.
Let me introduce you to a concept in advanced security, 2-factor (2FA) authentication. 2FA combines something you know with something you have. A password is a single form of authenticating your identity during the sign-in process, the “something you know.” Adding a second form of authentication in the form of a physical device in your possession means that even if a hacker discovers your password, he still cannot break into your account. The most common second authentication is a code texted to your smartphone, but you can also use authenticator apps, biometric devices like fingerprint readers, or security dongles.
Google did an exhaustive 2-year study on the effectiveness of 2FA (they call it 2-Step Verification) in 2019 and found that a simple text code stopped 100% of automated bots and 96% of bulk phishing attacks. Using more advanced authentication devices stops even sustained targeted attacks.
Simply put, 2FA makes your accounts almost unhackable (unless you fall for a phishing scam). That’s peace of mind!
Start with your email account
Your email account is a great place to start using 2FA. Someone breaching your email account may be able to reset your passwords and lock you out of all your accounts. All major email platforms offer 2-factor authentication.
How does 2-factor authentication work when signing in?
Two-factor authentication works a bit differently depending on the account and your device, but the basics are the same.
- You sign in to an account using your username and password.
- A message appears on the website telling you that you must enter a code sent to your smartphone.
- You may see a prompt on your smartphone notifying you of a sign-in attempt and asking if it is you.
- You’ll receive a text message with a code, usually 6 digits, that you must enter into the website. This code is only good for a short period of time.
- Enter the code and you’ll be in your account.