Overview: The Importance of 2-Factor Authentication

With all the recent security breaches, hacking stories and concerns over online privacy, no doubt you’ve been hearing a great deal about 2-factor authentication (2FA) lately. Also, chances are that despite all the news coverage, you still may have no clue what 2FA is, much less how to actually use it. Well, that’s about to change.

In the simplest terms, 2FA adds an additional layer of security beyond the standard User Name and Password combo that we’re all used to. Most often the secure 2FA site sends a unique one-time use login code to a trusted device (iPhone/iPad, telephone, laptop) that you have in your possession. This 2FA login code is in addition to your regular User/Password combo. Why is this more secure? Because even if somebody has figured out both your user name and password, unless hackers have your trusted device in their possession to get the additional 2FA code, they aren’t going to be able to access your data.

Yes, this method is marginally more cumbersome than the usual way of accessing websites, but when balancing convenience and security, often a small degree of convenience needs to be sacrificed. Different sites have implemented 2FA differently; some send you a text message with the required code, while others necessitate using a dedicated verification app like Google Authenticator to generate the access code. Regardless of the method used, they’re both considerably more secure than not using 2FA.

Have I sold you yet on the value of 2FA in securing your data? If not, here’s a list of links to the 2FA setup instruction pages for some of the most common online services providers. More providers are adding 2FA to their sites every month, so if your most commonly used sites don’t have it yet (I’m looking at you Wells Fargo Bank!) they’re likely to before long.

• Apple ID
• Facebook
• Twitter
• Google
• Dropbox
• Yahoo
• PayPal

That list is of course just a fraction of the sites using 2FA to secure your data, but contains the sites most of our clients use regularly. For a considerably more expansive list, be sure to check out https://twofactorauth.org for the biggest list of websites and their 2FA status that I could find. As always, if you need additional help setting up 2FA for any of your providers, don’t hesitate to reach out.