Two Factor Authentication is a MUST HAVE. If you rely on a user name and password to protect something online it will be hacked. It is simply a matter of when, not “if”.
Assuming that you have some online accounts that would be, at a minimum, painful to lose, or degrees worse than painful, you need to implement Two Factor Authentication. What is Two Factor Authentication, also referred to as 2FA? Simplistically, it’s a way to check you are really you by using something you have. The most obvious example is a mobile phone. This thing you have, and only you should have, serves as another verification step when accessing your account. As this device is linked to you and probably physically with you, it’s a great way to verify identity.

Broadly speaking there are two main ways to accomplish 2FA:
- Using a Text/SMS to a mobile phone device
- Using an authentication app, on a mobile phone or other device
Text/SMS
You will receive a code on your mobile phone to enter into the login screen. You will have registered your mobile phone number when you created your account, or when you set up 2FA. Given that you should be the only person who can receive the Text/SMS on your mobile phone, this is relatively secure. This is a basic option for 2FA and is generally “good enough” for most situations. It’s certainly far better than relying on user name and password alone.
The potential weakness with a Text/SMS 2FA approach is that determined criminals may be able to hack the one account necessary to break this: your account with your mobile provider. If they know enough about you they may be able to take over the mobile phone account and get a replacement SIM card or otherwise link your phone account with a device that they, the criminals, control. If they are successful they can then receive the codes needed to respond to 2FA verification requests.
Authentication App
Taking things to a slightly higher level, you can use an authentication app. These are available for Android and iOS devices and maybe others. These apps reside on a mobile phone or other device. For each unique account you use 2FA for, there’s a constantly updating unique code. The code changes as often as every 60 seconds.
There are other options, but three well-known ones are:
- Microsoft Authenticator
- Google Authenticator
- Authy
Broadly speaking the authenticator apps all work the same. To add an account there is usually a QR (Quick Response) code that you scan with your mobile device on which the authenticator app is installed. Alternatively there will be a code or key to be manually entered. You will want to avoid manual entry and use the QR code.
Google Authenticator
I am only using this as an example as it is the solution I choose to use.