Hackers want your passwords; help thwart them with 2-factor authentication

David Pollino
Posted by David Pollino
Security

Hackers can easily work out passwords, as many are able to test billions of combinations in just a few seconds.

Asian man sitting at table outside using his laptop and checking a text message on his phone.Two-factor authentication (2FA) offers another line of defense, so I set it up for my online accounts whenever I can, and I recommend you do, too.

2FA, also known as multiple-step verification, is a log-in method that requires two different ways of proving your identity. There are three types of authentication factors:

  • Something you know – A password, a PIN code, or an answer to a question.
  • Something you have – A physical device such as a mobile phone or a token.
  • Something about you – A biological factor (e.g., face or voice recognition, fingerprint).

Once you’ve entered your user name and password as part of your log-in, 2FA reconfirms your identity by building in a further step. You may be using some kind of 2FA already, the most common method being a one-time code sent to your mobile phone, which you then need to enter online. But 2FA processes can vary, so you’ll need to visit the websites you use to see what they offer. Look for the additional security features available to you. And don’t forget to always use strong passwords and to change them regularly.

What should you use 2FA for? Ideally:

  • Accounts where you store any type of personal information.
  • Accounts with payment information linked to them.

These might include accounts such as Facebook, Twitter, Gmail, online banking, shopping accounts, and cloud storage accounts such as iCloud and Dropbox. Bank of the West applies multi-factor authentication on a risk-assessed basis, so customers do not need to turn on this security feature themselves.

If you have multiple accounts with 2FA, you can use a mobile app to generate codes instead of receiving multiple SMSs. These apps might include Google Authenticator or Microsoft Authenticator. After the initial set-up, you can use the app without a network connection.

While setting up 2FA doesn’t mean your accounts become immune to cybercriminals, it does make them harder targets. So help protect yourself by setting up 2FA – it’s an important step to help thwart the hackers. For further reading, take a look at my earlier post on 2FA.

Reminder: All comments are moderated prior to publication and must follow our Community Guidelines.

  • Anonymous says:

    Thank you David. Not everyone understands the access, but your directions are appreciated.

    Reply | 3 years ago
  • Anonymous says:

    It must not be too great because your employer, Bank of the West, doesn’t offer a client-side version of 2FA. “Bank of the West applies multi-factor authentication on a risk-assessed basis, so customers do not need to turn on this security feature themselves.” That leaves your customers to trust you. Wells Fargo ring a bell?

    Reply | 3 years ago
  • Anonymous says:

    Dear David,
    I agree with two-factor for email. I am wondering why Bank of the West is not offering two-factor.

    Reply | 2 years ago
  • Anonymous says:

    In the wake of the Equifax breach, can we get 2FA as an option from BotW? If that is not offered I will be moving most of my accounts to a different bank that does offer it.

    Reply | 2 years ago
    • David Pollino says:

      I appreciate your concern and want to remind you, as stated in the article above, that Bank of the West does apply multi-factor authentication on a risk-assessed basis, so customers do not need to turn on this security feature themselves. We are continuously evaluating our layered security approach. If you have further questions regarding your account, I would encourage you to call 800-488-2265 or email your contact details to social@bankofthewest.com (please do not include any account numbers).

      Reply | 2 years ago
      • Anonymous says:

        Sorry David, it is a sad state of affairs that you are blogging on the Bank of the West site about turning on 2FA for other services but BOTW itself does not offer 2FA. Huh?? This needs to be implemented ASAP. Equifax has screwed us all.

        Reply | 2 years ago
  • Anonymous says:

    I have watching this blog for a while but still no 2FA for Bank of the West online. I guess they figure they are immune from hacks?

    Reply | 2 years ago
  • Anonymous says:

    Why does Bank of the West not care about its customers and their security enough to offer 2FA? “multi-factor authentication on a risk-assessed basis” sounds nice, but fails to provide to customers the quality of security that a 2FA implementation would yield.

    Reply | 1 year ago

Submit an Idea

[contact-form-7 id="32" title="Share An Idea"]

You are leaving the Bank of the West Change Matters site. Please be aware: The website you are about to enter is not operated by Bank of the West. Bank of the West does not endorse the content of this website and makes no warranty as to the accuracy of content or functionality of this website. The privacy and security policies of the site may differ from those practiced by Bank of the West. To proceed to this website, click OK, or hit Cancel to remain on the Bank of the West Change Matters site.