So is only a login and password still adequate? Can we still trust that familiar way of security? With two factor authentication you can add an extra layer of security to your data. In this article I show you what two factor authentication is, how it works and why we need it.
What is Two Factor Authentication?
Two Factor Authentication, 2FA or TFA is a better way to protect your online accounts. Besides entering the password into your account you also have to enter an additional code that you generate through a personal device.
TFA is an authentication process in which two out of three factors mentioned below are necessary to recognize you as a valid user.
- Something you know - This is your password, PIN, passphrase or a similar code.
- Something you have - Something like a smart card, a pass or other hardware
- Something you "are" - This is for example your fingerprint, your iris pattern, voice recognition or your heartbeat.
TFA is working when two out of three are used correctly.
An example from everyday life:
If you're going to withdraw money you need two things: A debit card and your PIN. Your debit card is something you have, your PIN is something that you know. With this combination you get access to your bank account. If someone has your card, but he or she doesn’t know the correct PIN, then it stops right there. The other way around is identical, while there is a list online of all PINs, but having no corresponding debit card will not get you far.
More and more web services uses Two Factor Authentication in order to secure access. They use an SMS verification code or a smartphone app to generate the additional code that you must enter. The most used app is Google Authenticator, others are AlterEgo and Authie. Although it’s more common for businesses to use SMS.