Two Factor Authentication to Improve Your Online Security

For years we’ve gotten accustomed to the numerous websites and services that require a login and password.  The trouble is that many of us end up using the same password for most (if not all) of these services.  In most cases, the password that we use, is not what is considered a strong one, i.e. one that is easily guessed through brute force attacks.

Companies that were particular concerned about their work force accessing systems remotely enhanced their security by requiring two factor authentication, but what is two factor authentication and why should the average user care?

Two factor authentication adds another level of security to accessing a given account.  In addition to the needed user id and password, an additional code is required.  This code usually changes every so many seconds and can’t be “guessed” through traditional brute force methods.  The code is usually provided by a key sized device who’s only function is to display a continuously changing number pattern which is required – in addition to the password – to access the account.

The trouble with two factor authentication is that up to now, each system required its own special key device, this is note user friendly at all, imaging walking around with 20 or more of these things.  Enter the smart phone.

Today, there’s a better way.  Some providers are allowing users to enhance security through two factor authentication using an app that is installed on their smartphone.  In most cases, the app itself, can be used by many providers at once, meaning, you don’t need a separate app for each of these accounts.

In particular, this is enormously beneficial to prevent email hacking.  If you use a service such as gmail.com for example, Google now offers 2 factor authentication.  Microsoft has also added this option to its email services.

There are several apps that provide the code needed by the service providers, one such example is authy.com.  Which app you end up using, will be determined by the service provider you are connecting to.

Where possible, there is no reason not use this option, whether for protecting your email or your bank account.

Posted in email, security