What is Two Factor Authentication?

What is Two Factor Authentication(2FA) and why do you need it?

When you login to a website or program and you enter your password, that password is essentially 1 factor authentication.  You only needed one piece of information to gain access to your account, which in turn means that someone with malicious intent also only needs to find out your password and they too, can gain access to your account.

Most people are already familiar with 2FA and don’t even realize it.  Most financial websites or apps anymore require a second factor most typically in the form of a text message.  When you try to login to one of these services and it sends a text to your phone with a code to complete the login; that is the second factor in 2FA.

The reason this is so important is that there are many ways someone could get your password.  Maybe you told it to someone at work, or you wrote it down on paper or on your computer.  A person can do what’s called a Brute Force Attack where they have a program try and guess your password over and over and over.  Your password could have been involved in one of the data breaches at any number of high-profile sites, most recently Equifax.

To check and see if any of your email addresses have been involved in any data breaches go to https://haveibeenpwned.com

If you use the same password for everything, as many people do, then there is a good chance that your password has been involved in a data breach.  Now that your password is out there some where on the internet, what’s to stop someone from getting into your accounts that are up to no good?  Nothing.  With out 2FA as soon as someone has your password, they have your accounts.

By implementing 2FA on all your accounts you can stop them in their tracks.  If they have your password and they try and login to your banking website and it pops up and says “We sent a text to your phone” then they are now stuck.  They don’t have your phone so they don’t get the code and they can’t login.

The amount of accounts that we have seen compromised could have easily been stopped by setting up 2FA.   If you are worried about needing a code every time you login to one of your favorite websites, don’t be, after you login once you can set what ever device you are using to be remembered.

Most major websites support 2FA, you can check and see if your favorite sites are supported by going to https://twofactorauth.org/

Don’t be one of the may calls we get saying you have been hacked!  Contact us about making sure your business is using 2FA.