Over the years we can see that the use of conventional passwords are not enough to protect ourselves online. Accounts are easily invaded through the discovery of personal passwords, social profiles are violated, increasingly sophisticated malware is spread, and mobile threats have become increasingly present in our day-to-day lives. Several attacks are enough to prove that the security provided by traditional passwords are no longer as efficient as they used to be. This is due to the fact that the technologies used by malicious users have evolved.
One of the last (already ineffective) methods formerly used are the one-time acronym passwords (OTP), which basically give you a specific time-frame to insert your sensitive information. If it takes too long for you to insert that information, then your login is delayed. All of this is done in an effort to circumvent robots or malware who may try to break into your private accounts. However, this has already become useless because the malware programs used by hackers are now able to slip through these techniques. Although this tactic is still active and employed, it is considered by many to be 70% ineffective.
Luckily for us, there is a new method that promises to bring you more safety and security online.
Two-factor authentication also known as 2FA, is additional information that is used to allow access to certain service. Usually people only use a username and password to gain access into a website. But if the password is easy to guess or stolen, the account could be compromised.
Two-factor authentication has become increasingly popular because it adds more security to your accounts. It tries to ensure that only you can have access to your it. As a matter of fact, you’re already probably using two-factor authentication without realizing it. For example, if you want to reset your password on a particular site, you will sometimes be asked, your mother’s maiden name or the name of your first pet.
The idea behind this is that even if someone knows your password, he will not know this kind of personal information.
When you simply type in your username and password, this is a single authentication factor. Two-factor authorization requires the user to place two or three of the following credentials before being able to access the account. These are:
• Something you know – could be a PIN, password or pattern
• Something you have – your bank card, or cell phone
• Something you are – a fingerprint, iris reading or speech recognition
Let’s take an online banking service as an example; people often have a security token in which they insert their card and then enter your PIN number. This generates a code that is inserted next to your username and password in order to prove that the person trying to access has the bank card.
Many social media services also have this process. You can update your settings so that every time you try to log in, a code is sent to you. It can be sent to both your email and your cell phone. Then, you will need to enter this code in order to complete the login process.
It is considered good practice to use two-factor authentication when it is available. Although it may slow the speed in which you log in to a website, it’s just a small price to pay when you think that your personal information could be stolen or that someone might be trying to get into your account pretending to be you.
