What is 2-Factor Authentication & Why is it Important?

You may have heard the term before but if you are not a tech nerd there is just as good a chance that you have not — and that is truly a shame. With hacking on the rise and people’s entire lives residing on the internet, it is more important than ever to think about your digital security.

So what is 2-factor authentication?

Simply put, 2-factor authentication (two-factor autentication or 2FA) is the technology used to gain access to a site/service/app using more than just 1 method of authentication (the most common single method being a username/password). Instead, 2-factor authentication relies on both a username/password combo in conjunction with something that typically cannot be guessed or “hacked” remotely, such as a code sent to a user’s mobile phone or biometrics (fingerprint, iris scan etc.).

2-factor is a type of multi-factor authentication that has exactly 2 factors (or required methods) for authentication. Highly secure systems might employ X-factor authentication, substituting X for as many factors as desired (think FBI-level security).

Why is it important?

If you knew how vulnerable your digital information was without 2-factor authentication, you wouldn’t be asking that question.

You see, there are many ways that digital assailants can gain access to your accounts: phising, social engineering and brute force attacks to name a few. With multi-factor authentication, it makes it significantly harder to gain access. They may have gained access to your login information via phising, social engineering or a brute force attack, but without the 2nd piece of authentication, they will not be able to do anything with it.

With 2-factor authentication enabled, the site/service/app in question will request a piece of information that only the legitimate user would have (in all likelihood).

The Prince of Nigeria Example

Prince of Nigeria - I will burn my money. Those white people never answered my emailsThe Prince of Nigeria has emailed you, offering you $1,000,000! Your lucky day! However, to deposit the money he has asked for your online bank account’s username a
nd password. You should give him the info so you don’t miss out on an easy million!

Of course, you know that such emails are a scam and thought better of it. However, if you did not, he would have access to your account (in reality, banking systems are more sophisticated than this even but let’s pretend).

If you had 2-factor authentication enabled, the Prince of Nigeria would find himself being asked for a code that was sent to your mobile phone or some similar piece of information that he can not obtain unless he is sitting in your living room.

In Conclusion

If you haven’t done so already, start thinking about the online services that you use that contain sensitive information. See if they offer 2FA and enable it wherever possible. Some suggestions: your email, Facebook, your bank (if they offer it) etc.

Many sites/services offer 2FA in the form of a passcode sent to your mobile phone, which is convenient. Otherwise, I highly recommend Last Pass Authenticator (or Google Authenticator), which provide a temporary code on your phone to enter for verification.

If you liked this post, I recommend:


Learn Something New Subscribe

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s