Twice the security on-line

Philip Brooks talks about two-way authentication in his latest Fenland Citizen blog
Philip Brooks talks about two-way authentication in his latest Fenland Citizen blog

While many people might not yet know the term “two-factor authentication,” there is every chance that you have come across it when you want to check your email, or perhaps your bank statement on-line.

Having a password alone unfortunately isn’t as secure as it used to be and if someone gets your password, they can access your account without any fuss. Even having a strong password doesn’t completely protect you. Two-factor authentication can help solve this problem.

But what exactly is Two Factor Authentication (or 2FA)? Basically it requires not one but two pieces of privileged information before giving access to an online account.

It works on the basis of “something you know and something you have” – i.e. when using your bank cash machine, you insert your bank card (something you have) and enter your passcode (something you know).

2FA can be a little time-consuming as most major sites and services offering 2FA do it as an optional security feature, so you’ll need to dig around in the security settings of each account to find it.

Much also depends on your willingness to ensure a higher level of security as you’ll need to prove your identity every time you log into a protected account from a new device.

However, 2FA does make it much harder for hackers to gain control of your accounts. For example, a hacker trying to access your email account has your email address and even your password, however doesn’t have the second element of the authentication process, which in most cases is a unique security code that’s sent directly to your mobile phone via text messaging.

Most major services support two-factor authentication when you attempt to log into your account from a new machine:

Google/Gmail sends you a 6-digit code via text message. It also works with the Google Authenticator app for Android, iOS, and BlackBerry.

Apple sends you a 4-digit code via text message or Find My iPhone notifications when you try to log in from a new machine.

Facebook’s two-factor authentication is called “Login Approvals” and sends you a 6-digit code via text message. It also works with apps like Google Authenticator for Android, iOS and BlackBerry, as well as the “Code Generator” feature of the Facebook app.

Dropbox sends you a 6-digit code via text message, although it also works with Google Authenticator and a few other similar authentication apps.

Microsoft sends you a 7-digit code via text message or email. It also works with a number of authenticator apps. Windows Phone users can download Microsoft’s own authenticator app from the Windows Store.

Yahoo! Mail sends you a 6-digit code via text message when you attempt to log in from a new machine.