Hackers want your passwords; help thwart them with 2-factor authentication
Hackers can easily work out passwords, as many are able to test billions of combinations in just a few seconds.
2FA, also known as multiple-step verification, is a log-in method that requires two different ways of proving your identity. There are three types of authentication factors:
- Something you know – A password, a PIN code, or an answer to a question.
- Something you have – A physical device such as a mobile phone or a token.
- Something about you – A biological factor (e.g., face or voice recognition, fingerprint).
Once you’ve entered your user name and password as part of your log-in, 2FA reconfirms your identity by building in a further step. You may be using some kind of 2FA already, the most common method being a one-time code sent to your mobile phone, which you then need to enter online. But 2FA processes can vary, so you’ll need to visit the websites you use to see what they offer. Look for the additional security features available to you. And don’t forget to always use strong passwords and to change them regularly.
What should you use 2FA for? Ideally:
- Accounts where you store any type of personal information.
- Accounts with payment information linked to them.
These might include accounts such as Facebook, Twitter, Gmail, online banking, shopping accounts, and cloud storage accounts such as iCloud and Dropbox. Bank of the West applies multi-factor authentication on a risk-assessed basis, so customers do not need to turn on this security feature themselves.
If you have multiple accounts with 2FA, you can use a mobile app to generate codes instead of receiving multiple SMSs. These apps might include Google Authenticator or Microsoft Authenticator. After the initial set-up, you can use the app without a network connection.
While setting up 2FA doesn’t mean your accounts become immune to cybercriminals, it does make them harder targets. So help protect yourself by setting up 2FA – it’s an important step to help thwart the hackers. For further reading, take a look at my earlier post on 2FA.