(For a summary of what 2FA is, please see our previous post here!)
In the past few years, we have become more heavily reliant on the internet and connected devices and software for day-to-day tasks, so it follows that there has also been a huge increase in the amount of accounts that people have in order to access these services. With each account, of course, comes more valuable and sensitive personal data, and attacks to steal that information have been getting ever more complex and sophisticated – meaning that cyber security has become something of an arms race between those which seek to compromise and exploit this data and the organisations who need to store it securely.
This kind of sensitive data has always existed of course, but now it is being stored in increasingly large amounts, and securing it is no mean feat. A lot of organisations have turned to two factor authentication (2FA) for greater security.
There’s a good chance you may have already used it, and not realised that the method you used was under the umbrella of 2FA! Along with software tokens, which we covered previously, there are a few other forms of 2FA. For instance, Microsoft, Steam, Uber, Twitter, and many banks now offer some form of it, in order to help their customers secure their accounts – It can take the form of Email, SMS, biometrics or even a hardware key.
Some services like banks offer small devices that are linked to your account and generate a number each time you need to perform specific tasks. Other services like Uber will send you a code via text message (SMS) in order to let you log into your account from a new device. Steam, a popular gaming platform, will send you a code via email each time you try to log in, if you don’t have their software token set up. Other companies will use the biometric sensors on your mobile or tablet to help secure your account.
All of these methods are two factor authentication – they add an additional step and help you to secure your accounts. Some methods, such as software or hardware tokens, are more secure than others, such as email or SMS.
Common methods of 2FA:
Sometimes these extra steps may seem like a hassle, but a recent report from Microsoft shows that accounts with 2FA or MFA (multi-factor authentication, involving two or more steps) are protected against 99.9% of automated attacks. That’s a lot of potentially compromised accounts protected.
Our advice, echoing that of Microsoft and Google, would be to use 2FA or MFA if it is available to you – the added security of this extra step definitely outweighs the addition of a few seconds onto your login time!