TWO-FACTOR AUTHENTICATION: WHAT IT IS | WHY IT IS IMPORTANT | HOW TO USE

Geoffrey Nevine —Editor-In-Chief
0
TWO-FACTOR AUTHENTICATION: WHAT IT IS | WHY IT IS IMPORTANT | HOW TO USE

As we enjoy all the conveniences of the online world to make communication and access to information as easy as the literal push of a button, so comes the dramatic rise in digital crime and internet fraud. Just as you keep your wallet, purse and keys in a safe place, you equate similar importance with your online security usernames and passwords. Protection of your information, and for attorneys, the information of your clients, starts with online security.

As more and more people use password tools to create and keep far more complicated passwords, the first layer of online protection has improved. Nevertheless, should such passwords be hacked or discovered by another (e.g. leaving that sticky note next to your computer, you know who you are), that first line of defense was your only line of defense. That’s why two-factor authentication is a must have whenever possible.

Two-factor authentication is nothing more than an extra verification when logging in to ensure that the user who is trying to access an account is actually the person it belongs to. This way, even if a web user discovers one of your passwords, a second combination is requested if someone tries to break into your networks.

Safer platforms and applications rely on the two-factor authentication feature. Various social networks and email platforms use this functionality to ensure greater protection of their users’ data. The so-called “extra layer” of protection can be SMS, tokens, emails, and even biometric authentications.

How does this work?

For the purposes of this blog post, I’m going to focus on the commonly used SMS (a form of text messaging) method of second factor authentication. After the username and password are correctly entered – the first authentication factor – the second factor often is sent to you by a method of your selection such as via a cell number or email address already attributed to the account, or it will automatically be sent via SMS.

Within seconds you should receive a numerical code that you’ll then need to enter to complete the login process to your account. This sent 2FA code is a one-time use password and often expires quickly if not used, unlike a static, reoccurring PIN you may have for your debit card for example.

Alternatively, you can use a dedicated authentication app for a little added security and to avoid having to rely on your wireless carrier as the intermediary. These apps, such as Google AuthenticatorAuthy and Duo Mobile, receive codes instead of having them texted to you. You simply confirm with the app that you are currently logging into that account and the app communicates back to the account to complete the login without you having to enter any codes. Easy!

Why is this important?

The adoption of new online habits during the pandemic generated greater data circulation and, consequently, increased the number of attacks in the digital environment.

This is the case of phishing, a scam in which criminals send fraudulent messages that induce victims to click on links, download files, or inform their data. This way, the criminals are able to take possession of a victim’s personal information or bank details.

In addition, over the years and with the greater availability of technological resources, password cracking software used by cybercriminals has become increasingly advanced.

Faced with the growing number of threats in cyberspace, two-factor authentication becomes an essential security feature. After all, even if a fraudster manages to discover your main password, you guarantee that access to your account will certainly be hampered by the second combination to be requested.

Which accounts should I enable authentication for?

Ideally, this extra layer of security should be used for all possible services. If you need to prioritize any of them, start with the banking apps, apps in which your card is registered, and your personal email.

Why is it important to enable two-factor authentication in personal emails?

Count how many of your delivery apps, streaming apps, and other services are connected to your personal email. If cybercriminals have access to your email, they may end up gaining access to a number of other services as well. Therefore, it is essential to protect this account.

How Do I Start Using Two-Factor Authentication?

Visit Two Factor Auth (2FA) to find out which online services (from banking to government) use two-factor authentication and how to active it. Here are a few popular websites and how to activate 2FA on these account types:

Google

  1. Sign-in to your Google account;
  2. Visit Google here and click the blue Get Started button;
  3. Setup your cell phone number and indicate whether you want to receive codes by text or call;
  4. Enter the test code Google sends you;
  5. Click the “TURN ON” to complete the setup.

Google allows you to create printable one-time passcodes to use as backups when you’re away from your phone, like when you’re traveling. Also, you may add a backup phone number and set up Google’s Authenticator app.

Apple ID

On your iPhone or iPad:

  1. With your Apple ID password ready, go to Settings > iCloud, and select your Apple ID (likely your photo and name at the top);
  2. Select Password & Securityand then Two-Factor Authentication to turn it on and verify the cell number.

Dropbox

  1. Sign-in to your Dropbox account;
  2. Click your name at top right and select Settings;
  3. Select the Security tab under your Account Settings;
  4. Select the “click to enable” link under Two-step verification;
  5. Click the blue “Get started” button in the pop-up screen and re-enter your password;
  6. Select the use of text messages or a mobile app, and complete the process.

Facebook

  1. Sign-in to your Facebook account;
  2. Click the dropdown triangle button at top right to select Settings;
  3. Select the Security and Login menu for the categories on the left;
  4. Scroll down to select the Edit button under Use two-factor authentication;
  5. Click Enable, confirm, and re-enter your password. Be sure your phone number is correct and shown as Enabled.

X fomerly Twitter

  1. Sign-in to your x account;
  2. Click your icon on the top right and select Settings and privacy;
  3. Under Security, check the box for Login verification;
  4. Click the blue Start button in the pop-up window and complete the process.

LinkedIn

  1. Sign-in to your LinkedIn account;
  2. Click your icon on the top right and select Settings and Privacy;
  3. Under the Security tab, select Two-step verification new the bottom and click Turn on;
  4. Check the box for Login verification;
  5. Re-enter your password and complete the process including adding your phone number if you haven’t already.

 Amazon

  1. Sign-in to your Amazon account;
  2. Click Account & Lists and select Your Account;
  3. Under Settings select Login & Security Settings;
  4. Click Edit under Advanced Security Settings to find the yellow Get Started button to complete the process.

Just like protecting yourself and your valuables at home, no level of defense can offer complete protection. But the more layers of defense you can apply, the more difficult it will be for a break-in to happen. And the extra layer of defense also may serve as a deterrent to would be burglars, or hackers.

Conclusion

All in all, we can conclude that two-step verification is a simple — and fundamental! — security measure which can be easily implemented in your everyday life.

The process of linking the first access to the second ensures that those who do not have the code generated are not granted access to the account

The only way someone else will be able to access your network is by knowing the second combination requested by the service.

Therefore, never share the verification code with anyone!

Previous Post Next Post

Post a Comment

Post a Comment