
What Is Two Factor Authentication?

How secure are your phones, social media accounts, and bank accounts? A lot of people tend to think that they are very safe. Unfortunately, having a password alone is not enough to secure your various online accounts. There is sufficient evidence that people have their devices, social media accounts, bank accounts and more hacked daily by cybercriminals. Do you know that globally, someone gets hacked every 39 seconds? So, it is crucial that you protect yourself as best you can.

Most people think they can secure their accounts with just a username and password. However, this is not a very strong way to protect your accounts, and you are still vulnerable to hacks. It is very easy to get access to someone’s account once their password is known. It is not surprising that a lot of accounts are hacked by simply obtaining the password to the account.

A better way to secure your account is to set up two-factor authentication. Two-factor authentication is a subset of multi-factor authentication. It is an authentication method that grants you access only after you provide evidence, or factors, that only you should be able to provide. An authentication factor is a piece of information used to authenticate a person’s identity as a security measure against intruders.

A factor in this context is a type of authentication that proves the identity of the user using verification data known only to the user. You know that having an ATM card alone cannot guarantee you access to the money in the account. You also need a second piece of proof to withdraw money, which could be a fingerprint, PIN, or code.

Note: Usernames and email addresses are not factors, as they are used to claim an identity and not to authenticate the user.

These are some of the factors to consider for authentication.

Knowledge Factor

It is a piece of information that is known to just you. You probably have it stored in your memory or noted in a place where you can easily access it. It could be in the form of a password, personal identification number (PIN), or an answer to a security question.

Possession Factor

It is a piece of information you can carry with you. It is something you have, like a code: a short token of around 6-8 digits, with an expiration time, that is sent to your phone number or email address. The code is generated by RSA SecurID or other multi-factor authentication vendors. A token is something you can’t access until it is sent to you and you see it. Other possessions include a phone, USB key, or ATM card.

Biometric Factor

It is a type of authentication where the information is part of your body. It is often biological, such as your fingerprint, face ID, voice, or retina scan.

Location Factor

It involves using the place where you are to secure your account. The service uses your internet protocol (IP) address to detect your location. If anyone tries to access your account from an IP address in another location, they will be denied and you’ll be notified with a message that looks like this: “Someone tried to log into your account from a location different from yours, confirm if it was you, ignore if you are not the one”.

Time-based Authentication Factor

It is a form of authentication that works by detecting your presence at a scheduled time and a distinct location. You would first have to present a form of identity. You would also need to carry at least one form of authentication factor that can be recognized at that time and location.

What is Two-Factor Authentication?

Two-factor authentication is an authentication method, a two-step verification based on two pieces of information you are required to provide to be granted access to an account. You will need to provide two of any of those factors to be granted access. The two factors could be your ATM card and your PIN, or your password and a code. Two-factor authentication is like securing your house by putting up a wall with a gate. While it might be easy for someone with a key to simply enter a house with just a gate, it gets more difficult when there is both a fence and a gate to get through.

Two-factor authentication provides stronger security for anyone using any kind of online service.

Why you need to get two-factor authentication

Privacy is a serious issue with the advancement in technology. It is now more important than ever to protect your digital life from cybercriminals. For a very long time, passwords have been the common means of authentication, but they are no longer a safe security measure. Data breaches and poor user practices tend to leave users’ accounts vulnerable. One way to protect your digital life is to use two-factor authentication.

Two-factor authentication provides an extra layer of security by double-checking or verifying that you are the real owner of the account. With two-factor authentication, you need to provide two things: the first is the combination of your username and password. The extra step is providing a token sent to your mobile number, or your fingerprint, before you can access your account. It makes it harder for cybercriminals to access your data. It’s like having the door of your home secured with a double lock, a deadbolt and the regular lock, or activating the alert system for your car. The idea is that an attack might compromise one of your authentication methods, but not both.

Two-factor authentication strengthens security by:

1. Making your data hard to crack. Hackers have the resources to generate ten billion passwords in a second. Because of the extra security, cybercriminals get discouraged and move on to an account that is less secure and easier to crack.

2. Preventing data breaches.

You get alerted when suspicious activity is being carried out on your account. You’ll receive a code either as a text message or an email verification. If you get such an alert and the action wasn’t from you, that means your username and password have been compromised, and it is advisable to change your password immediately.

3. Protecting your data identity from being destroyed, or your account from being used for fraudulent activities, spam, and other malicious acts.

How Safe is Two-factor Authentication

As long as you don’t share the token sent to you with anyone, you are safe. Various methods, such as phishing, are used to get your data. Be certain of the website you enter and where you enter your login details. Also, be careful of third-party logins.

Protect your SIM and your email address. Access to either of these can lead to the loss of your account. In cases where your authentication code is generated from an app on your phone, you would need to keep your phone safe, or you might lose your account if it gets into the wrong hands.

Two-factor authentication will not guarantee you a hundred per cent security, but the extra security is needed.

Why you need two-factor authentication

Although it might seem tedious, two-factor authentication reduces the chances of fraud, identity theft or data loss for your online accounts. It is recommended wherever possible.

1. Online Banking.

Transactions carried out online will not be approved until you verify them by providing the code sent to you.

2. Online Shopping.

You will need to verify your transactions before they are approved by providing the code sent to your phone.

3. Email. (Gmail, Yahoo Mail, Outlook.)

When trying to access your email from another device, you will need to verify that it’s your account. Some accounts also send a verification code through email.

4. Social media accounts. (Facebook, Twitter, WhatsApp, Snapchat, LinkedIn.)

To access these accounts from another device that is not recognized, you’ll need to authenticate the account.

5. Communications app. (Zoom, Skype, MailChimp.)

6. Password Managers.

7. Cloud storage account. (Dropbox, Box.)

8. Productivity app. (Evernote, Trello.)

How to set up two-factor authentication

Two-factor authentication secures your account by adding another layer of security to the password. Once it is set up, you will be required to provide a one-time code any time you try to log in to your account on another device, or when someone tries to access your account from a device that is not recognized by your account. Here is how to set up two-factor authentication.

1. Log into your account via an app or website.

2. Go to the settings of your account and click on security. Locate two-factor authentication and click on it. You will be required to choose the kind of authentication you want from the different options. The options are limited to what the service permits.

3. After setting that up, the next time you want to log in to your account you’ll be required to fill in your details, your username and password. When these have been verified, you’ll be directed to provide your second detail for verification. This can be a security token, fingerprint or any other form of verification you have chosen.

4. Some apps do not require the input of a password; you are directed to provide the required details for your authentication.

5. After you have provided both factors and are authenticated, you will be granted access to your account.

Different services provide different options for two-factor authentication, so you have different options to choose from.

SMS based Authentication

When you enable SMS two-factor authentication, you will be required to provide your phone number. This doesn’t require any app; you receive a text message any time you log in to your account. The text contains a one-time password (OTP). Some services call you and give you an option to dial a number, or they may choose to tell you the code. However, you need to protect your SIM. Also, some websites that have your number might want to use it for targeted advertising or password reset.

Authenticator App

It is an app that generates codes on your phone based on a secret key. It uses a one-time password, which grants access once. You will need to download and install the app, then scan the QR code on the website, which contains the secret key. The app then generates a six-digit code that will allow you to log in alongside your password. It doesn’t require a phone number or any connection to a network provider, so even when you lose your phone number, you will still get the code. The downside is that when your battery runs down and you do not have a backup code, you won’t be able to access your account.

Universal Second Authentication (U2F) or Physical Authentication Key.

It is a small USB, NFC or Bluetooth Low Energy (BLE) device called a “security key”. First, you need to register it. Then, whenever you log in on a new device, you must insert the USB key and press the button on it. It doesn’t require any code. The U2F key recognizes the site you’re on and responds with a code that is specific to that site. It communicates with the browser and will not respond to any site it is not registered on. It is phishing proof. Not all browsers support this.

Push Notifications and App-based Authentication

It is another codeless authentication. It verifies the account by sending a notification directly to a secured app on your phone, alerting you of an authentication attempt. You can either approve or deny access with just a click on your phone. This type of authentication verifies you by confirming that the registered device is in your possession. Google uses this type of authentication; all you need is the Google app installed on your phone. When you want to log in on a new device, all you need to do is tap on the notification alert on your phone. Apple’s two-factor authentication works similarly on its own iOS operating system. When you attempt to log in on a new device, it sends an OTP code to your phone that is already registered.

N.B: You can lose your account if you misplace your phone.

Email Based System.

Some services require your email address. Then, they will send an OTP to your email anytime you want to log in to a new device to authenticate you.

Recovery or Backup Codes.

Some sites offer you a recovery code to use when you need to log in, but you do not have access to your phone or security key. It’s important to keep the code safe.
