20 October 2020
4 min
ReadWhen you log in to your accounts online, you mostly use a simple username and password combination to do so. Therefore, adding two-factor authentication to your login process is a simple way of adding an extra layer of security to your accounts. This article outlines how 2fa works, how it can benefit out and how to enable two-factor authentication (2fa).
Adding another level of security with 2FA makes it harder for an attacker to access your online accounts, therefore just knowing your password isn’t enough, and, if you’re running a business, 2FA can also help you keep your business systems and data safe.
Find out about 2FA for business
How 2FA works
When you log in to an online account with a username and password, then you’re using what’s called single-factor authentication. You only need one thing and that’s your password which verifies that you are who you say you are.
With 2FA, you need to provide two things, your password and something else, so there’s that extra safety step in place before you can access an account. so, you can now authenticate (prove you are you) based on something you know, you have and you are.
Something you know could be your:
- password
- passphrase
- security questions, or
- PIN number.
Something you have could be:
- a physical device, for example:
- security tokens and fobs assigned to a specific person that generates a temporary access code, or
- your phone, where you get a call back to press certain phone keys to grant access to an account
- software, such as an application like Google Authenticator, that:
- sends a notification to your smartphone, or
- provides you with a temporary access code.
Something you are includes things like:
- fingerprint scans, and
- voice recognition.
A 2FA example
For example: with 2FA, if you want to log into one of your social media accounts, you might need both your password and a temporary access code from an app on your phone. That means that even if someone finds out what your password is, they can’t get into your account with that alone. They’d also need to have physical access to your phone so they can get the code, which isn’t very likely.
If you receive a temporary access code for an account you weren’t trying to log into, change your password. It could be that someone’s got your password details and they’re attempting to access that account without your knowledge.
Why do you need 2fa and how do you turn it on?
Uses
You can enable 2FA on most of your online accounts, like your:
- email accounts
- social media networks
- internet banking
- online shopping sites.
You can also set 2FA up on your devices including on laptops, tablets, smartphones, and even some game consoles, but like any security measure, 2FA isn’t bulletproof, so make sure you’re still using strong passwords and have robust security settings on your devices and accounts.
It’s possible to intercept verification codes that are sent by text. While using 2FA via text is much safer than not using 2FA, if there’s a different method available then we would recommend using that instead.
How to turn 2FA on
You’ll often find the option to enable 2FA in the privacy settings of your online accounts, however some online services don’t call it two-factor authentication. Instead, you may hear it referred to as multi-factor authentication (MFA). Others use different terms, for example ‘security key’, when they’re talking about 2FA. Banks all enable their 2FA systems differently. Some will have different options depending on if you’re logging into your account on your desktop, laptop, or mobile device. Check your bank’s website to see what their 2FA options are, and how to set it up.
Privacy champions, pixelprivacy have a great blog detailing which global websites and apps offer the option to use 2FA, and gives instructions on how to set it up for each one.
*Article sourced from CERTNZ www.cert.govt.nz
