As we continue to move more aspects of our daily lives online, cybercriminals are developing more sophisticated ways of hacking our accounts and stealing our passwords. From banking to grocery shopping to managing household appliances, we’re putting ourselves at risk every time we create a new account. It’s gotten to the point that usernames and passwords just aren’t enough to protect our privacy.
It's time to fight back.
One thing we can all do is get serious about using two-factor authentication (sometimes referred to as multi-factor authentication or two-step verification). Once a tool reserved for only the most sensitive data, two-factor authentication is now being pushed out to consumer-level systems, such as online bank accounts, Apple's iCloud, Gmail, Dropbox, and Amazon.
Read on to learn what two-factor authentication is and how you can use it to protect your data, your privacy, and your peace of mind.
What is two-factor authentication?
Traditionally, access to most secured system accounts has required only a unique username and a password. Authentication, in this case, is granted by the user supplying one 'factor' (i.e., the password).
Two-factor authentication adds an extra layer of security by requiring an additional form of identification that utilizes something that is harder for would-be crooks to steal. Not only does it require something that a user knows (a password), but also either something a user is (such as a biological factor like a thumbprint) or, more commonly, something a user has (like a mobile phone).
Probably the most common form of two-factor authentication available for consumer accounts these days is the use of a PIN generated by an automated system and sent via SMS to the user's phone. Here's how it works:
- When signing in, say, to Dropbox.com, you enter your username and password as usual.
- However, instead of being given immediate access to your account, you are prompted to enter a PIN, which will be sent as an SMS message to the phone number on your account.
- You look at your phone and see a message displaying a PIN, which you then enter on your computer to gain access to your account.
This way, even if someone has your Dropbox username and password, they cannot gain access to your data without also having access to your phone.
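For readers who build or review login systems, here is the service's side of that PIN step as an added example (not code from Dropbox or any other provider). The class name, the `send_sms` callable, the five-minute lifetime, and the five-guess limit are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

PIN_TTL_SECONDS = 300  # assumed validity window, not from the article
MAX_ATTEMPTS = 5       # assumed guess limit per PIN, not from the article


class SmsSecondFactor:
    """Server side of the SMS PIN step; call start() only after the password check passes."""

    def __init__(self, send_sms, clock=time.time):
        self._send_sms = send_sms  # hypothetical gateway: callable(phone, text)
        self._clock = clock
        self._pending = {}         # username -> [pin, expires_at, attempts_left]

    def start(self, username, phone):
        pin = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, keeps leading zeros
        self._pending[username] = [pin, self._clock() + PIN_TTL_SECONDS, MAX_ATTEMPTS]
        self._send_sms(phone, f"Your sign-in PIN is {pin}")

    def verify(self, username, submitted):
        entry = self._pending.get(username)
        if entry is None or self._clock() > entry[1] or entry[2] <= 0:
            self._pending.pop(username, None)  # expired or locked out: a new PIN is required
            return False
        entry[2] -= 1  # every guess counts, so the PIN cannot be brute-forced
        if hmac.compare_digest(entry[0].encode(), submitted.encode()):
            del self._pending[username]  # single use: a replayed PIN fails
            return True
        return False


def demo():
    outbox, now = [], [1000.0]  # constructed stand-ins for the SMS gateway and the clock
    mfa = SmsSecondFactor(lambda phone, text: outbox.append(text), clock=lambda: now[0])
    mfa.start("alice", "+15555550100")  # constructed account and number
    pin = outbox[-1].split()[-1]
    wrong = "000000" if pin != "000000" else "111111"
    results = {"wrong": mfa.verify("alice", wrong), "right": mfa.verify("alice", pin),
               "replay": mfa.verify("alice", pin)}
    mfa.start("alice", "+15555550100")
    now[0] += PIN_TTL_SECONDS + 1  # let the second PIN expire
    results["expired"] = mfa.verify("alice", outbox[-1].split()[-1])
    return results


if __name__ == "__main__":
    print(demo())
```

The PIN only adds protection if it is unpredictable, short-lived, single-use, and limited to a few guesses, which is what the four checks in `demo()` exercise.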
Doesn't two-factor authentication make logging in inconvenient?
Using two-factor authentication does add an extra step to the login process. Usually, this means that logging in takes a few extra seconds, assuming you have easy access to your phone. So yes, two-factor authentication does make logging in slightly less convenient.
In most cases, though, the slight decrease in convenience is more than worth the added security benefit. Imagine what would happen if your email account was hacked. Not only would you have to worry about criminals having access to your personal emails, but all other online accounts connected to your email address would be compromised. It would be easy for a criminal to use your email to "recover" your bank account password, which could lead to serious financial repercussions, not to mention inconvenience.
That's why we recommend using two-factor authentication for all accounts that have the capability for it. If you have an account that you truly don't think contains or gives access to any sensitive data, then it may be an exception to this rule. But it's always better to be safe than sorry, and the repercussions of a hacked account are not always easily foreseeable.
The only other exception to make note of is the case of using two-factor authentication for email accounts you check using desktop clients such as Outlook or Apple Mail. Sometimes, email providers' two-factor authentication does not play nicely with these third-party apps, so it's always best to check with a technology professional before turning two-factor authentication on in these cases.
How do I turn on two-factor authentication?
While not all online consumer services offer two-factor authentication for their accounts, an increasing number do. To see if it's available for your services, check out twofactorauth.org, which provides categorized lists of vendors who offer two-factor authentication.
In most cases, two-factor authentication is an "opt-in" feature, meaning that the user has to turn two-factor authentication "on." Usually, this is a fairly straightforward process, which involves logging into the service, navigating to your account page, entering your phone number, and turning two-factor authentication on. However, each service handles two-factor authentication a bit differently. Resources like turnon2FA.com provide detailed tutorials for how to configure and turn on two-factor authentication for popular consumer sites, such as Amazon, Instagram, Gmail, and many others.
And, of course, we are always available to answer your questions and to help you implement two-factor authentication on your accounts. Feel free to reach out to us at any time!