What is the average internet user? Well, you should definitely change your passwords – regularly! Passwords are a rather ridiculous authentication method and can be picked up by fraudsters fairly easily, from pure violence to simple phishing.
What you really need is a second way to check yourself. For this reason, many Internet services, some of which have the feeling of being hacked, offer two-factor authentication . It is sometimes referred to as 2FA or used with the terms "two-step" and "verification" depending on the marketing. Even the White House once had a campaign calling # TurnOn2FA. But what exactly is that?
As the leading security analyst at PCMag, Neil J. Rubenking, puts it: "There are three commonly recognized factors for authentication: something you know (like a password), something you have (something like a hardware token ) or something that you are (for example, your fingerprint) .Two factors mean that the system uses two of these options. "
Biometric fingerprint and retina scanners or faces are thanks to innovations such as Apple's Face ID and Windows Hello. In most cases, the additional authentication is just a numeric code. a few digits that are sent to your phone and can only be used once.
You will receive this code via SMS or via a special smartphone app called "Authenticator". After linking to your accounts, the app displays constantly changing codes that you can use when needed, and does not even require an Internet connection. The controversial leader in this area is Google Authenticator (free for Android and iOS). Twilio Authy, Duo Mobile, SAASPASS, and LastPass Authenticator all do the same on mobile platforms and on some desktop platforms, and the majority of popular password managers default to 2FA.
The Codes Provided by Authenticator Apps Synchronize your accounts so that you can scan a QR code on a phone and retrieve your six-digit access code in your browser, if supported.
Here's a video that Google made with the basics of 2-step verification and a good idea
Note that setting up 2FA can actually prevent access in some other services , For example, if you've set up 2FA with Microsoft, that's great – until you try to sign in to Xbox Live. This interface has no way to accept the second code. In such cases, you must rely on app passwords – a password that you generate on the main website for use with a particular app (such as Xbox Live). You will see Facebook, Twitter, Microsoft, Yahoo, Evernote and Tumblr appear. These are either used as third-party signons or have features that you can access from other services. Fortunately, the need for app passwords fades over time.
Remember, when you panic, how hard it all sounds: being safe is not easy. The bad guys expect you to be lax to protect yourself. With the implementation of 2FA, it takes a little longer each time to sign up for a new device, but in the long run, it's worth avoiding serious theft, be it with your identity, your data, or your money.
The following does not apply to an exhaustive list of services with 2FA capabilities, but we cover the key services used by all and guide you through the setup. Activate 2FA on all these and you're safer than ever.