4 Things to Know About Two-Factor Authentication

The Internet age requires most of us to have accounts online that provide access to valuables. Whether those valuables are a checking account or a video game library, they are at risk of being compromised by identity thieves. An innovation meant to make such theft more difficult to pull off is two-factor authentication, which requires verification from two distinct points.

1. Two-factor authentication is different than two-step verification.

Two-factor authentication and two-step verification are similar concepts. Sometimes, the terms are used interchangeably. But technically, two-step authentication is different in that it involves two different modes of verification. Two-step verification demands authentication in two phases, but both of those steps can be completed via a single mode. Both are strong ways to secure an online account, but having two or even three or more factors makes account theft nigh impossible.

2. Two-factor authentication cannot be brute forced.

Weak passwords are still the leading cause of security breaches. But strong passwords are not impenetrable. They can be brute forced or guessed or even gained via a wider security breach. If an account is only password protected, that account is easily compromised. But with two-factor authentication, someone can have your password and still not be able to access the account. The thief would need to be able to associate the account and password with the other mode you’ve linked.

3. There are multiple forms of two-factor authentication.

Hardware tokens are the oldest form of this verification and were used by the government and military long before the average person was considering it. Software tokens is the most widespread approach and generally requires the user to have a dedicated app installed. Push notifications have also become prevalent so that a user knows when an access attempt is taken place. We are also not far off authentication via fingerprints, facial recognition and so forth, and when those become a bit more practical and prevalent, they are sure to become the de facto standard.

4. More than 80 percent of data breaches are preventable with 2FA.

One of the leading telecom brands in the U.S. recently completed a study of data breaches. It found that in more than 80 percent of all successful breaches, accounts that had or would have had 2FA enabled would have been protected.

As a general rule, you should always opt for two-factor authentication when an account provides access to valuables or it is an account that would be a major inconvenience to lose. As for three or more factors, two is generally enough. Some sites and apps do give you the choice of three or more, but keep in mind that each factor will add to the delay between logging in and gaining access.

Have your say