Sometimes, creating a strong password isn’t enough. Sometimes, you need an extra layer of security in order to keep your information safe. That extra layer can be anything, but the best start is in the form of Two-Factor Authentication (a.k.a. 2FA). Since it can be used for both personal and professional use, 2FA is a great way for everyone to keep themselves and their information safe.
What is it and How Does it Work?
Two-factor authentication adds an extra level of security by asking for two ways to confirm one’s identity, rather than one. The second check can take several forms: a PIN, security questions, a text message or email, and even face or fingerprint identification. So, even if your password is stolen, 2FA kicks in and a text message is sent to your phone, and without that second step the hacker won’t be able to break into anything.
Two-Factor Authentication comes in three forms: knowledge[K], possession[P], and inherence[I]. Each of these categories requires the user to provide a different kind of additional information in order to prove their identity.
- Knowledge factor: something a user would know, usually in the form of a passcode, PIN, or other known code.
- Possession factor: something a user would have on hand, with the most common examples being an ID card, cell phone, or smartphone app.
- Inherence factor: something that is usually a physical feature of the user (physical characteristics, voice, etc.).
2FA comes in many shapes and sizes, and choosing the right one for you will greatly reduce the risk of being hacked.
Types of 2FA
There are many kinds of two-factor authentication, but some are more popular than others.
Hardware tokens[P] are known as the oldest form of 2FA. They look almost like a small keychain and generate a new code every 30 seconds. The device is used to access the user’s account: whatever code is on the token gets entered along with their password in order to prove their identity. However, these tokens have proven easy to lose and expensive, so they have mostly fizzled out over the years.
Software tokens[K] (a.k.a. the most popular form) generate one-time passcodes that the user needs in order to gain access to their accounts. Since software tokens are also available for mobile phones, they are a great choice for anyone who has lots of accounts on their phone or anyone who always has their phone on hand.
SMS- and voice-based[P] authentication codes are sent directly to the user’s mobile phone. Usually in the form of a text message, a one-time passcode (similar to a software token’s) gets sent and is needed to gain access to the account. The code can also be delivered in a phone call, but this is very uncommon. However, despite the convenience, this method is mostly seen as the least secure method of 2FA.
Push notifications[P] are another great choice for mobile users. This method sends a notification directly to your cell phone – as well as your PC if necessary. There are no codes or one-time passwords to remember for this type of 2FA, making it especially good for people who prefer security that is also easily accessible.
Biometric[I] authentication has become much more popular in recent years, especially with the release of fingerprint scanning and Face ID for iPhone users. This type of 2FA authenticates by treating the user as the token. Though other forms are much less common, biometric authentication also includes voice recognition, speech patterns, keystroke dynamics, and more.
How can I get Started?
The first thing you’ll need to do when looking into 2FA is understand what you’ll be using it for – will it be for your personal accounts, a security upgrade for your business, or somewhere in between?
The second thing to think about is how you want to have access to this second form of authentication. Most 2FA platforms can be accessed through multiple devices, but will you always have your phone handy when logging into business accounts?
The third thing to consider is pricing: whether you want to pay for extra features, or just want 2FA for personal accounts. We recommend choosing a free option if you’ve never used 2FA in the past, to get yourself acquainted before you pay for extra security.
Regardless of what you use it for, two-factor authentication is the best second step you can take to keep your information safe online. The extra layer of security will save time, money, and stress later. We like OTPAuth for mobile phone users and Authy for desktop users, but every person has their own preferences, so ask yourself what your priorities are – ease of access, cost, etc. – and pick the 2FA platform that’s right for you. Take the time today to help yourself tomorrow.