- You might think your password
is a tough wall to crack
when it comes to your apps and identity.
But passwords are a
pretty laughable method
of authentication whether
from sheer brute force
or simple phishing, scammers
can scoop them up pretty easily.
What you really need is a
second way to verify yourself.
That's why many internet services,
a number of which have felt the pinch
of being hacked, offer
two-factor authentication.
It's sometimes called 2FA or
two-step and verification.
But what exactly is
two-factor authentication?
There are three generally
recognized factors
for authentication: something
you know such as a password,
something you have such as a
hardware token or cellphone,
and something you are
such as your fingerprint.
Two-factor means the system
is using two of these options.
In most cases, the extra authentication is
simply a numeric code, a few
digits sent to your phone
which can only be used once.
You can get that code via text message
or a specialized smartphone
app called an authenticator.
Once linked to your
accounts, the app displays
a constantly rotating set of codes
you can use whenever needed.
The arguable leader in this
area is Google Authenticator,
which is free on Android and iOS.
Other authenticators include
Duo Mobile, SaaSPass,
and LastPass Authenticator,
which all do the same thing
on mobile and some desktop platforms,
while the majority of
popular password managers
all have 2FA by default.
You can also go to
twofactorauth.org to find a list
of services that support 2FA.
As you panic over how hard
this all sounds, remember this-
Being secure isn't easy!
The bad guys count on you being
lax in protecting yourself
in order to grab your information.
Implementing 2FA means
it takes a little longer
to log in each time on a new device,
but it's worth it in the long run
to avoid some serious theft,
be it of your identity, data, or money.
