What is 2 factor authentication?Posted on 15 September 2017 by Beaming Support
It can be a cause of frustration, but 2 step verification is increasingly becoming the norm to ensure the security of user accounts on platforms such as Gmail and the Apple store
2 step verification, also known as two factor authentication or 2FA, is a type of enhanced security to verify a login attempt to an account. It involves a username/password used alongside a second form of authorisation. This helps to prevent identity theft, adding another layer of security. Typically the second step involves confirming a log in from an unusual device/location by way of a text or email. A hacker trying to access your account needs two sets of data (your username and password for the account, plus a special passcode sent to you by Gmail, Apple etc. via text message or email). This decreases the likelihood of them gaining access.
Most banks use this type of security for online and telephone banking. They’ll require you to log in to your account using a username/password alongside selected details from your bank card. A lot of websites that use two factor authentication provide the option to email a code or text it to a mobile for you to then enter onto the website to enable access. When setting up the authentication you would provide your mobile number to enable the texting option so that it can be confirmed that this device belongs to you.
Many popular websites and applications (Microsoft, Google, Whatsapp, Dropbox, Amazon, Facebook, PayPal, MailChimp and Twitter to name a few) will have the option to enable two-factor authentication, usually found within the profile and security settings and we recommend that you do use these options where available.
Types of authentication
There are multiple methods of authentication that can be used as a second factor, such as:
- Mobile Apps
- Phone Calls
- Text Messages
- Security USB Keys
A disadvantage is that you need to carry the necessary equipment (security key, mobile phone) around with you. Of course if this was lost or stolen, you’d be temporarily unable to access your account. Learn what to do if you need to use 2FA but your phone is lost or stolen.
If you came to this article wanting to know how to disable two factor authentication we’d discourage this. Any process that adds an extra layer of security to your sensitive data should be welcomed.
Using 2FA is just one of the ways in which we advise you strengthen your passwords – click here to read our top 5 tips for increasing your business’ password security
Need more guidance on cyber security?
Beaming’s Business Guide to Cyber Security will help you identify weak spots in your business and gives practical guidance on protecting against cyber attacks.
We share more helpful articles in our Knowledge Base
Azure MFA for RDS no longer works for Microsoft Authenticator Application after installing latest NPS Azure Extensions30/08/23
Can I still use 2FA if my phone is lost or stolen?
What happens if you don’t have access to your phone, but you need it to verify your log in attempt?
Why using 2FA is worth it
Two-factor authentication is an added layer of security for your accounts. But is it enough, and what are the alternatives?