Imagine waking up on a splendid spring day, opening your laptop and realising that you can’t access your online accounts anymore. Your email has been breached, your website, your most precious work, is now gone, and your credit card was used for shady transactions.
In a nutshell, this is what I experienced almost 6 years ago.
All the ruckus was caused by one of my ex-employees, whom I had recently fired. I suppose this was his way to get revenge.
Fortunately, he didn’t cause any unfixable damage, but it made me a little bit paranoid about my online security. Ever since, I’ve been trying to adopt every measure within reach in order to avoid similar hacks in the future. But I’ll share more on what I’ve learned from this experience in a separate article I’m writing.
This week’s cyber security guide is about something that, had it been available back then, would probably have prevented all of this: Two-Factor Authentication.
So, what exactly is Two-Factor Authentication?
Two-factor authentication, also known as multi-factor or multi-step verification, is an authentication mechanism that double-checks that your identity is legitimate.
How does Two-Factor Authentication work?
When you want to sign into your account, you are prompted to authenticate with a username and a password – that’s the first verification layer.
[Screenshot: Gmail login procedure (email and password)]
Two-factor authentication adds an extra step to the process, a second security layer that reconfirms your identity.
[Screenshot: Gmail login, enter verification code]
Its purpose is to make attackers’ lives harder and reduce fraud risks. If you already follow basic password security measures, two-factor authentication will make it more difficult for cyber criminals to breach your account.
However, you shouldn’t expect it to work like a magic wand that will miraculously bulletproof your accounts. It can’t keep the bad guys away forever, but it does reduce their chances of success.
What are the authentication factors?
There are 3 main categories of authentication factors:
1. Something that you know – This could be a password, a PIN code or the answer to a secret question.
2. Something that you have – This is always related to a physical device, such as a token, a mobile phone, a SIM, a USB stick, a key fob, an ID card.
3. Something that you are – This is a biological factor, such as face or voice recognition, a fingerprint, DNA, handwriting or a retina scan. However, some of these are quite expensive, so, unless you work in a top secret / Mission Impossible kind of facility, you probably don’t have this kind of authentication method implemented.