Why two factor authentication? Simply put, it’s very effective against people who try to to break into other’s accounts’ by figuring out or knowing their passwords. This two-step authentication method has helped curb account theft significantly.

More than one factor authentication is very important in helping keep your online accounts safe. Single factor authentication is the norm and means to just use one factor of authentication, like just your private password you know to log-on to your online account. Two factors means just that, two things the user must provide to gain access or log-on to your account.

Most often it’s the combination of a password you made and an SMS text message to your phone with a second password that you must also enter in. Unless a cyber criminal has your phone too, they will not get into your account through log-on only means even if they know your personal password.

It’s not always an SMS text as a means of the second factor. It can be a link in an email sent out or some other form of authentication.

Physical Security Considerations Risk Assessment

This article from Google perfectly points out the details of how and why it’s a good idea. Basically, because a password can be guessed (see how in our security awareness course if you haven’t already) or even repeatedly tried, a second factor you physically have like a text message or automated phone call to your phone is added security to keep the bad guys out. It’s simple and it can be very effective. Or if a large website is ‘hacked’ and passwords are stolen in some manner, the bad guys may still need to possess a user’s second factor, that user’s phone, to log-in as them.

why two factor authentication
Usually, two-factors are something you know (passwords) and something you have (a phone with a text message). Sometimes a factor can be something you are (using your fingerprint).

It’s important that you find out if any online account providers allow for two-factor authentication, often just a matter of turning on a setting for it to ‘yes’ within the account settings section of that website and inputting your phone number to send text messages to.

Here is a tiny list of common types of accounts that allow two-factor authentication:

  • Email accounts
  • Bank accounts
  • Financial accounts

There are very few cases if any to not allow this kind of authentication if an account allows it. We recommend you seek it out for all your existing and any new accounts and always enable it.

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only.