Menu
5 things you should know about two-factor authentication

5 things you should know about two-factor authentication

Here are the basics to help you stay secure online

One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online. Here are five points to help you understand this technology.

Two-factor authentication or two-step verification?

A lot of people think they're the same thing, but that's not really accurate.

There are three types of authentication factors: something you know, such as a password or PIN; something you have, such as a mobile phone or a special USB key; and something you are, such as your fingerprint or other biometric identifier.

While two-factor authentication combines two different factors, two-step verification uses the same factor twice, for example a password and a one-time-code sent via email or SMS.

You might think a code sent to a phone qualifies as a second factor, since the phone is something you physically have, but SMS is insecure and the code can be intercepted. From a security risk perspective, that makes it similar to a password.

While two-factor authentication is more secure than two-step verification, both are better than relying on a single password. So regardless of which one is on offer, take advantage of it.

One account that rules them all

If there's one online account that's worth protecting above all others, it's your email. That's not just because it contains your private conversations, but because it serves as a gateway to your other accounts.

Most online services ask users to sign up with email, and rely on that to reset passwords and send important communications. An attacker with access to your email can search for old registration emails and find out where you have accounts online. He can then reset passwords and communicate with technical support staff at those websites.

Start your adoption of two-factor or two-step authentication by turning it on for your email. All the large email providers including Gmail, Yahoo and Outlook offer this.

I did that, now what?

If you're using a password manager, make that your next priority. The most popular password managers have a two-factor authentication option.

Then enable it at other sites. Many popular services support two-factor authentication, including Facebook, Twitter, Apple ID, iCloud, Amazon, PayPal, LinkedIn, Snapchat and WordPress.com. Mobile identity provider TeleSign has set up a website at www.turnon2fa.com with detailed tutorials for enabling two-factor authentication at many of those services.

To trust or not to trust

Most websites that support two-factor authentication allow users to mark devices as trusted when they authenticate for the first time using both factors. This essentially disables two-factor authentication for those trusted devices, and allows the user to authenticate with only their password in future.

This is good for usability, but it's not great for security. If you turn off two-factor authentication for a trusted device, you can make it easier for hackers to access your accounts, so you should be aware there is a trade-off.

Read more: 'Businesses must work harder to be seen as digitally trustworthy in the eyes of their customers'

There's also the fact that if you lose your phone or computer, you can't be certain that the thief won't find some way to unlock it.

Fortunately, most websites give users the option to remove any of their previously trusted devices in case they are lost or compromised, so keep that in mind.

Do I risk locking myself out?

In most cases, your phone will be central to your two-factor authentication experience. It will be used either to receive codes by SMS or to generate them using special apps like Google Authenticator. But phones are easily lost, stolen or broken.

The good news is that most online services have contingency plans for those scenarios. Some companies allow users to specify a backup phone number that can be used for account recovery. Others provide backup codes when turning on two-factor authentication that can be printed on paper and kept in a safe place.

If these options fail, you will most likely have to call or email the company's technical support department and prove the account is yours, for example by providing information about the account that only you would know. Either way, getting completely locked out of an account is extremely rare.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securitytwo factor authentication

Featured

Slideshows

Kiwi channel comes together for another round of After Hours

Kiwi channel comes together for another round of After Hours

The channel came together for another round of After Hours, with a bumper crowd of distributors, vendors and partners descending on The Jefferson in Auckland. Photos by Maria Stefina.​

Kiwi channel comes together for another round of After Hours
Consegna comes to town with AWS cloud offerings launch in Auckland

Consegna comes to town with AWS cloud offerings launch in Auckland

Emerging start-up Consegna has officially launched its cloud offerings in the New Zealand market, through a kick-off event held at Seafarers Building in Auckland.​ Founded in June 2016, the Auckland-based business is backed by AWS and supported by a global team of cloud specialists, leveraging global managed services partnerships with Rackspace locally.

Consegna comes to town with AWS cloud offerings launch in Auckland
Veritas honours top performing trans-Tasman partners

Veritas honours top performing trans-Tasman partners

Veritas honoured its top performing partners across the channel in Australia and New Zealand, recognising innovation and excellence on both sides of the Tasman. Revealed under the Vivid lights in Sydney, Intalock claimed the coveted Partner of the Year 2017 (Pacific) award, with Data#3 acknowledged for 12 months of strong growth across the market. Meanwhile, Datacom took home the New Zealand honours, with Global Storage and Insentra winning service provider and consulting awards respectively. Dicker Data was recognised as the standout distributor of the year, while Hitachi Data Systems claimed the alliance partner award. Photos by Bob Seary.

Veritas honours top performing trans-Tasman partners
Show Comments