December 5th, 2018

What is Two-Factor Authentication & Why Should You Use It?

Two-factor authentication, sometimes known as multi-factor authentication, is a security procedure for logging into any service or website. Instead of simply putting in your password and getting logged in, you must put in your password and then further verify that you have the authority to access the account, typically through a secret code sent to you via text, e-mail or even phone call.

Two-factor authentication may also include a physical piece of property that only you would have access to, such as a specific mobile device, or security questions that only you would know the answer to. Even bio-metric data could be used for two-factor authentication.

While two-factor authentication may seem like a fairly recent security development, most people have actually been using it for decades. ATMs & banks use a form of two-factor authentication because you must not only have the correct PIN to access your account, but also the matching debit card, which acts as a physical token that only you have in your possession.

Why should you use two-factor authentication?

1) Secure Your Data Everywhere

Just as you use a PIN with your ATM debit card to make sure that only you access your money, two-factor authentication keeps your data safe. This is especially pertinent when using unsecured wireless networks. You may think that your local library’s connection is safe, but any wireless network without a password is just not secure. Someone could be watching what you do, and even recording usernames and passwords. However, with two-factor authentication, only you will be able to actually log into the account, even if someone does skim your password through an unsecured network.

2) Protect Your Business From Vengeful Employees

When you have to fire someone, it may not be under the most friendly of circumstances. Sometimes those who have been let go have a vendetta against you, and they may try to log into company accounts from a remote location in order to either delete, steal or manipulate company information. By implementing two-factor authentication that is dependent on certain factors that only you or someone in your office has, you can protect your business.

Depending on your industry, you may feel your data is more or less desirable. Some industries have multiple layers of security for those who access certain data because it needs to be secure. Everyone should treat their most precious data in this way, but for some it may be more important than others. If you’re worried about industry spies, data leaks of exciting new products or any other type of breach that could be detrimental to your business, use two-factor or multi-factor (more than two factors) authentication.

3) Your Password Is Already Everywhere

Through multiple data breaches, it’s likely that your favorite password is already out there. Hackers can easily purchase this information. Then they use it on their favorite websites to see if you have an account there. If you use the same password for multiple accounts, they will be able to log in. It’s a scary thought, but with two-factor authentication, you can protect your data even if your password is pasted all over the internet.

The importance of two-factor authentication is clear in our fast-paced technological society. It’s simply an extra layer of protection that ensures your data will stay secure. So, how can you implement two-factor authentication? Well, unfortunately, much of the time it is dependent on the service you are using. Some online accounts, like Google, MSN or Yahoo have been using two-factor authentication since 2011. Others have implemented it more recently. Even if your service doesn’t have two-factor, there are a few other ways to make sure you have that extra layer of security.

One company called Yubico offers actual keys, called Yubikeys. They are physical USB devices to unlock your computer or a specific program. It can be configured to work with Salesforce, LastPass and even Gmail, or your computer as a whole. They also have an option that can work with Android mobile devices.

Certain password managers – services that securely store and even create unique passwords for extra security – have options for two-factor authentication. One of the most popular of these choices, LastPass, offers two-factor authentication through Google’s authenticator tool. It makes sense that you would want an extra layer of security for the place where you store all your most precious passwords. Dashlane, another popular option for password management also supports two-factor authentication.

So, what accounts should you have two-factor enabled for? Well, some might advise it for all of them, but that can get tedious for the average person. If you only want to have it on some accounts, experts recommend starting with your e-mail account. That’s because your e-mail address is already public information which is one half of the equation needed to break in. You use your e-mail address as a username on many other sites as well, and your e-mail account can be used against you to reset important passwords for your accounts on banking and social media sites. So, start with your e-mail and then go from there.