Two Factor Authentication

Please follow and like us:
0

What are authentication factors?

An authentication factor is an independent category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are (the inherence factor). For systems with more demanding requirements for security, location and time are sometimes added as fourth and fifth factors.

Single-factor authentication (SFA):

Single-factor authentication (SFA) is based on only one category of identifying credential. The most common SFA method is the familiar user name and password combination (something you know). The security of SFA relies to some extent upon the diligence of users. Best practices for SFA include selecting strong passwords and refraining from automatic or social logins.

For any system or network that contains sensitive data, it's advisable to add additional authentication factors. Multifactor authentication (MFA) involves two or more independent credentials for more secure transactions.

 

Two-factor authentication:

Two-factor authentication (also known as 2FA) provides unambiguous identification of users by means of the combination of two different components. These components may be something that the user knows, something that the user possesses or something that is inseparable from the user. A good example from everyday life is the withdrawing of money from a cash machine. Only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, i.e. something that the user knows) allows the transaction to be carried out. Two-factor authentication is a type of multi-factor authentication.

Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code.

two-factor-authentication-flow

 Components

The use of two-factor authentication to prove one's identity is based on the approach that both the required factors must be used and must be correct. If one of the components is missing or is used incorrectly, a person's identity cannot be established beyond doubt. Access to the building, access to data or access to whatever is being protected by two-factor authentication remains blocked if this is the case. The factors may include:

  • something that the user possesses, such as a USB stick token, a bank card, a key etc.,
  • something that the user knows, such as a username, password, PIN, TAN etc., and
  • Something that the user is and is inseparable from, a physical characteristic of the user, such as a fingerprint, eye iris, voice, etc.

 

Why You need it

Two Factor Authentication

It's easier than you think for someone to steal your password

Any of these common actions could put you at risk of having your password stolen:

  1. Using the same password on more than one site
  2. Downloading software from the Internet
  3. Clicking on links in email messages
  4. 2-Step Verification can help keep bad guys out, even if they have your password.

 

 

 

Imagine losing access to your account and everything in it

When a bad guy steals your password, they could lock you out of your account, and then do some of the following:

  • Go through – or even delete – all of your emails, contacts, photos, etc.
  • Pretend to be you and send unwanted or harmful emails to your contacts
  • Use your account to reset the passwords for your other accounts (banking, shopping, etc.)

Two Factor Authentication 

 

 

 

 

 

 

 

 

 

 

How it Works:

 Signing in to your account will work a little differently

  1. You'll enter your password

Whenever you sign in to Google, you'll enter your password as usual. Two Factor Authentication

  1. You'll be asked for something else

Then, a code will be sent to your phone via text, voice call, or our mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.

 

 

Keep sign-in simple

During sign-in, you can choose not to use 2-Step Verification again on that particular computer. From then on, that computer will only ask for your password when you sign in.

You'll still be covered, because when you or anyone else tries to sign in to your account from another computer, 2-Step Verification will be required.

 

How it protects you:

 An extra layer of security

Most people only have one layer – their password – to protect their account. With 2-Step Verification, if a bad guy hacks through your password layer, he'll still need your phone or Security Key to get into your account.

Sign in will require something you know and something you have

With 2-Step Verification, you'll protect your account with something you know (your password) and something you have (your phone or Security Key).

 

how-protects-img-2

 

 

 

 

 

 

 

 

 

Verification codes made just for you

Codes are uniquely crafted for your account when you need them. If you choose to use verification codes, they will be sent to your phone via text, voice call, or our mobile app. Each code can only be used once.

See Features to learn about backup options for times when your phone is not available.

 how-protects-img-3

 

 

 

Unfortunately, you can't use two-factor authentication everywhere on the web just yet. But a lot of sites have recently implemented it, including many of our favorite services. Here are some services that support two-factor authentication, with instructions on how to enable it:

Google/Gmail:

Google's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine, though it also works with the Google Authenticator app for Android, iOS, and BlackBerry. You can save each machine for 30 days. You can enable it here, or check out Google's documentation for more info.

 

LastPass:

LastPass is one of the most important services to use with two factor authentication—since it stores all your other passwords. It uses the Google Authenticator app for Android, iOS, and BlackBerry, and you can read up on how to enable it here.

 

Apple: Apple's two-factor authentication sends you a 4-digit code via text message or Find My iPhone notifications when you attempt to log in from a new machine. You can enable it here, or check out Apple's documentation for more info.

 

Facebook:

Facebook's two-factor authentication, called "Login Approvals," sends you a 6-digit code via text message when you attempt to log in from a new machine. It also works with apps like Google Authenticator for Android, iOS, and BlackBerry, as well as the "Code Generator" feature of the Facebook app. You can also authorize a new machine from Facebook.com on a saved machine if you don't have your phone handy. You can enable it here, or check out Facebook's blog for more info.

Twitter:

Twitter's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine. You can enable it here, or check out Twitter's blog for more info.

Dropbox:

Dropbox's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine, though it also works with Google Authenticator and a few other similar authentication apps.

PayPal:

PayPal's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine.

 

Steam:

Steam's two-factor authentication, called Steam Guard, sends you a 5-digit code via email when you attempt to log on from a new machine. You can enable it by going to Steam > Settings > Manage Steam Guard Account Security in the Steam client.

 

Microsoft Accounts:

Microsoft's two-factor authentication sends you a 7-digit code via text message or email when you attempt to log in from a new machine, though it also works with a number of authenticator apps.

 

Yahoo! Mail:

Yahoo's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine.

 

Amazon Web Services:

Amazon's web services, like Amazon S3 or Glacier storage, support two-factor authentication via authenticator apps, like the Google Authenticator app for Android, iOS, and BlackBerry. It also supports Windows phone via the Authenticator app.

 

LinkedIn:

LinkedIn's two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine

 

 

WordPress:

WordPress supports two-factor authentication via the Google Authenticator app for Android, iOS, and BlackBerry.

Please follow and like us:
0

Leave a Reply

Your email address will not be published. Required fields are marked *

Enjoy Website? Please spread the word :)

Follow by Email
Facebook
Facebook
YouTube
YouTube