
Why You Should be Using 2FA Right Now

What is 2FA?

Have you ever been hacked or heard of someone being hacked? Ever wonder how it happened? 


Most of the time it involves a compromised username and password. This can be accomplished by exploiting a vulnerability in a system that stores the credentials or by social engineering, among other things.


But what if the attacker didn’t have another factor that would be needed to access your account? You may be thinking, well, they know my username and password…they already have two things. What other thing would they need?


The attacker only has one factor: something they know. Two-factor authentication (2FA) requires another factor before access is granted.


A factor could be something you know (password), something you have (mobile phone, CAC card), someplace you are (home, science lab), or something you are (retina, thumbprint).


Requiring 2 of these is the foundation of two-factor authentication. The idea is to have one of each and not two of the same. So, knowing a username and knowing a password would not qualify. 


Knowing your username and having a security key would qualify. No matter where in the world you tried to log in, you would have to have both.


Multi-Factor Authentication (MFA) takes it a step further. It involves having multiple factors of any combination so long as it doesn’t have 3 or more of the same. For example, knowing your username, password, and mother’s maiden name would not qualify.


Why you should use 2FA

To increase the security of your account you should use two-factor authentication. This is especially true when accessing financial and bank accounts. School, work, and government accounts should use two-factor authentication, as well. 


This helps ensure that it is only you accessing the account and prevents your account from being compromised.


Consider your social media account. How important is it to you to be connected with your followers, friends, or family? What would it mean if you lost access to your account or, perhaps, a YouTube channel with thousands of subscribers?


This has happened countless times, and these users could have been more secure with their accounts.


Malwarebytes, a leading antivirus software company, recommends training yourself, classmates, staff, friends, and family. They also suggest using two-factor authentication over third-party logins.


Examples of third-party logins would be sites that allow you to “login with your Facebook account.” These accounts can still be accessed even if your Facebook account is disabled.


There are a few ways to implement two-factor authentication: software and hardware.


2FA Software

Software that allows two-factor authentication typically gives you a 6-digit time-based one-time password (TOTP) that expires after ten seconds or so. After the expiration time, you will need to retrieve another code and enter it before the time expires. 


This makes it a challenge for any hacker to circumvent the system and enter the code before the time expires. 


There are several options you can choose from:


Google Authenticator – one of the easiest authenticators to use. No backup options

Authy – secure and offers a backup option

1Password – can be used as an authenticator 

Microsoft Authenticator – works just as well as Google Authenticator

Okta Verify – popular MFA code generator used commercially

Duo Mobile – used with college and university accounts

LastPass Authenticator – less popular choice

andOTP – an Android OTP app that supports both TOTP and HMAC-based (hashed message authentication code) one-time passwords


The convenience of two-factor authentication software is that you don’t have to carry a dedicated piece of equipment for authentication. The software usually lives on a mobile device.


2FA Hardware

Two-factor authentication hardware is usually a small device with a USB-A, USB-B, or USB-C interface and a touch area or display on the other end. Just like with two-factor authentication software, there are several options.


Yubico – touted as the best 2FA Security Key to this day

Thetis FIDO U2F Security Key – a great alternative to the Yubico

Google Titan – a nice addition to the Google security family


There are alternatives to using security keys and software such as Single Sign-On (SSO) and token authentication (think QR code). Single Sign-On is used predominantly in intranets such as corporate and university networks. Adding two-factor authentication just adds to your security.


In summary, two-factor authentication makes your account more secure, helps stop bad guys from getting into your account, and can be easily used. Whether you choose a 2FA software or hardware method, you are making a great choice as you are choosing security.