Read the headlines of almost any newspaper, magazine, or newsfeed and you will find stories of hacking.
People just like you and me having their identities stolen, their emails and privacy breached, your website wiped away, your credit cards used on shopping sprees around the world, yet it CAN be prevented. If more people used two-factor authentication, they could stop it all from happening.
So what is Two-factor authentication exactly?
Two-factor authentication, also called multiple-factor or multiple-step verification, is an authentication mechanism to double check that you are well you. It validates your identity as only you can and if the person trying to access it fails they don’t get in, simple as that.
There are a few different ways that Two-factor work, yet the concept is all the same. The first layer is your username and password combination that almost everything uses nowadays from social media, credit cards to simply accessing your phone or pc.
The Second Layer – hence making it TWO-factor can be any of the following:
-
You and only you know – this could be a pin number, a secret question or even another passcode.
-
Physical validation – This is something such as a cell phone, USB, token, keychain, generally a random code generated device.
-
You are the answer – As technology advances, so does verification from facial recognition, voice matching, retina scans, fingerprints and more.
Usually, any of these secondary factors also have a time stamp and even location involved. Similar to the Mission Impossible theory that the message will self-destruct. In this case, they are usually invalid after a period of time and have to be requested again if time expires.
Hacking has been the new income. Forget the Bitcoin, stocks or anything else. In today’s economy information sells, namely your information.
That’s right! What we once thought to be sacred to the point where we stored our social security cards in safes or lockboxes is now an everyday commodity.
The recent Equifax exploitation should prove our information is not safe. Not even safe with those who market themselves as the guardians of our personal information.
Some questions people ask:
- Isn’t virus protection enough to protect my information?
- I use a password manager like LastPass, that is safe enough right?
- Why is two factor so cumbersome?
First virus protection, protects you from most viruses. It is not 100% effective and it does not keep your information away from others. Think of it more of a preventive like the flu vaccine.
Password managers while some are fantastic, they too are a hackers paradise. I personally use and recommend LastPass. Even with that being said it is not perfect.
Two-factor is not supposed to be necessarily convenient. If it were, everyone would have it, and it would be easy to be hacked as well.
When combining two factor with a password manager, you are building up lines of defenses to protect your information. Having a password and an extra factor authentication does not make your accounts 100% safe. It’s not a foolproof way, that will make your account unhackable. No, it only makes it more difficult to access by those unsavory people who have no right to your information.
You might be wondering what accounts call for two-factor, here is a list of the obvious ones, some of which actually require it, all of them should.
- Bank accounts (any time you access your bank online, even to check a balance)
- Email (Yahoo just got hacked, in fact, might want to just quit using them entirely)
- Password Managers (LastPass is my recommendation, but any and all should be protected)
- Social Media accounts (Facebook, Instagram, Twitter, LinkedIn add it to all of them even if not required)
- Notetaking applications (Allo, Evernote, anywhere you put notes or data online)
- Cloud storage (Dropbox, Google Drive, Amazon Cloud)
- Messaging applications (Messenger, Zoom, Skype)
- Shopping (Amazon, Overstock, Ebay, wherever you shop)