Two-Factor Authentication: Why and How to Use it on Your Devices
If you follow the news, you know how everyone, from simple users to hi-tech giants, is now obsessed with privacy and security. One of the most sacred terms in this context is “two-factor authentication”: each day, one or two companies announce that this or that service is implementing 2FA, which will make it safer for users. So, what is two-factor authentication, should you use it, and if so, how?
What Is Two-Factor Authentication, and Is It Always the Same?
Okay, so we have some private information: a mailbox, a bank account, a list of bookmarks, a messenger… Whatever you wouldn’t like to see on the first page of the NYT. How do you protect your access to this data, given that passwords and devices themselves can be stolen and misused by fraudsters?
The answer developed by today’s data security industry is the following. Everything you can use to confirm your identity can be sorted into three categories:
· Something you have. It can be the very device you use (your phone or tablet) or a special physical dongle with a chip. These work like the passport you show when crossing borders.
· Something you know. You may think of passwords and PIN codes, but this category is broader, including your birthday, your driver's license number, your email address, and whatever you use to confirm your identity when you, say, forget the password on a rarely visited site.
· Something you are. This means biometrics: your fingerprints, your retina, your voice, up to DNA or brainwaves, uncommon as the latter ones are. When you unlock your phone with Face ID or Touch ID, you use exactly this.
In one-factor authentication, any of these is enough. But for further security, an extra step is required. The consensus in the industry says that combining any two of these factors is considered secure enough for everyday usage. Exactly as the song goes: two out of three ain’t bad.
Why and Where Should You Use 2FA?
Let’s start with an example. You are making a purchase at some online store. To make a payment, you enter the details of your credit card: that is something you know, and it doesn’t even imply having a physical card. But then your bank prompts you to confirm the purchase. You receive an SMS with a code you have to enter, or a phone call from an unknown number whose last digits serve as the code. Only after this is your payment accepted.
In this case, something you know (your credit card details) is backed up by something you have (your phone number). The third element (something you are) may be involved as you unlock your phone, but it’s not necessary. This method of two-step authentication may work another way: it starts with something you have (your credit card when shopping at brick-and-mortar stores) and then requires something you know (your PIN code). This flexibility lets you recover access to your data when you, for example, lose your phone and haven’t restored the number yet.
It may seem the strangest part of it, but when it comes to your most precious containers of personal data – your phones and tablets – you probably already use 2FA without even realizing it. Indeed, if we see your data as the target, accessing it through your phone requires two out of three factors: something you have (the phone or the tablet itself) combined with something you know (your PIN or an unlock pattern) or something you are (Face ID, Touch ID). Sometimes it’s assisted by another thing you have: many Apple users enjoy unlocking their iPhones with Apple Watch with their masks still on.
How Can You Activate 2FA
While most apps that work with sensitive data offer you this option as you set them up for the first time, we’ll pay attention to the two most important data operators: Apple and Google. Your mobile phone or tablet surely is running either iOS or Android, so it makes sense.
To activate 2FA for your Apple account, do the following:
1. Open any browser and go to appleid.apple.com. If there is a window popping up on your iPhone or iPad with the 6-digit code you need to enter on the page, you have already set it up, so relax.
2. If there isn’t any request for confirmation, proceed to the Security section and add the phone number.
3. Choose whether you want to verify it with an SMS or a phone call (as described above).
4. Confirm your number with the code.
Now your Apple ID is protected. To do the same to your Google account (on an Android device), do the following:
1. Go to google.com.
2. Click/tap your profile picture and then “My Account”.
3. In the “Security” section, tick the box next to “2-Step Authentication”.
4. Select the second step. It can be an SMS (add your phone number if you haven’t yet), a backup code, a Google Prompt on your Android phone, or the Google Authenticator app for both Android and iPhone.
5. Confirm changes. Google may require your password again here, so make sure you do remember it as well as your browser does.
When it comes to social media, the algorithm is the same. The access to two-factor authentication is usually hidden in Settings/Security (the names may differ, but the logic remains). You had better set up 2FA for any data that matters to you.
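What a service does on its side when you pick an authenticator app as the second step, shown as an added example (not code from Apple, Google or this article): the login passes only if the password (something you know) and the app's current 6-digit code (something you have) both check out. The code is computed with the standard TOTP scheme from RFC 6238, which authenticator apps implement; the user record, password and secret below are constructed sample values, and the secret is the RFC's published test key.

```python
import base64
import hashlib
import hmac
import struct
import time


def totp(secret_b32, at, digits=6, step=30):
    """RFC 6238 time-based code (HMAC-SHA1) for the 30-second window containing `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_password(password, salt):
    """Salted, slow password hash; the service never stores the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def login(user, password, code, now=None, drift=1, step=30):
    """Return True only when BOTH factors verify; a used code cannot be replayed."""
    now = time.time() if now is None else now
    knows = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    current = int(now) // step
    matched = None
    # Accept the current window plus `drift` windows either side for clock skew,
    # but never a window at or before the last one already used.
    for s in range(current - drift, current + drift + 1):
        expected = totp(user["totp_secret"], s * step, step=step).encode()
        if s > user["last_step"] and hmac.compare_digest(expected, code.encode()):
            matched = s
    if knows and matched is not None:
        user["last_step"] = matched
        return True
    return False


# Constructed sample account; the secret is the RFC 6238 test key in base32,
# the form in which a setup QR code hands it to the authenticator app.
USER = {
    "salt": b"constructed-salt",
    "pw_hash": hash_password("correct horse", b"constructed-salt"),
    "totp_secret": base64.b32encode(b"12345678901234567890").decode(),
    "last_step": -1,
}
```

A stolen password alone fails this check, and so does a code that was already used once, which is why an intercepted code goes stale quickly.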
One-Two Step. Now You Can Dance!
If you have your data protected with two-factor authentication, the thing that remains is not to forget your passwords. Remember that writing down or printing passwords transforms them from something you know to something you have, so they can be stolen together with the device. The memory still matters!
Have you ever had an experience when two-step authentication really saved you from fraud or other troubles? If so, share these stories in the comments. We like stories where everything ends well.