Not all technology generates as much frenzied interest as smartphones. Take two-factor authentication, for instance. This technology has been around, promising nearly foolproof security to holders of online accounts for several years now. Yet, most people have never heard of it. This has been a big year for it, though.
In the middle of April, Microsoft announced its rollout of two-factor authentication security for many Microsoft accounts. After the Associated Press White House tweet debacle, Twitter is planning security of the same kind, too.
What exactly is two-factor authentication?
Many of us have used two-factor authentication at some point, say, with our bank account’s Internet access. Often, when you need to perform certain high-value transactions online, the bank won’t let you through simply because you’ve signed in. They require a second level of authentication. They send you a password on your phone and ask you to enter that on your computer. Getting you to sign into your account with your username and password is the first level of authentication. The second level is where they ask you for the password sent to your phone.
Android phones offer it, already
Let’s say that you have an Android smartphone and you’ve set up optional two-step verification. Some hacker in Eastern Europe has just hacked into some online retail website that has your Google username and password and he’s now ready to enter your account. When he types these pieces of information in, he is asked for the freshly generated password that’s been sent to your phone. Unless he has just picked your pocket and stolen your phone, there’s no way he can find out what the password is. He might as well give up the attempt.
If this password were something that you could set once and commit to memory, there’s a chance that a hacker could steal that as well. Two-step verification, though, involves freshly generated passwords for each transaction. No hacker can get in with some previously saved password.
Dealing with this much security certainly is a hassle – you have to have your phone with you for it and it takes a little time to go through the rigmarole. Nevertheless, it does offer near bulletproof security from hacking attempts.
Nearly everyone plans to offer this security measure now
Google and Facebook were about the first to the party. They’ve offered two-factor authentication as an optional security measure for 2 years now. Dropbox and Apple have had it for a year. Microsoft and Twitter are actually nearly last.
Here’s how you get started
The exact method in which you set up two-factor authentication is different for every site. Facebook has the simplest process. You simply click on the little gearwheel icon on the top right and then choose the Account settings item on the menu that drops down.
In the Security category on the navigation bar to the left, you need to look for Facebook’s cleverly disguised two factor authentication – they call it Login Approvals.
When you click that link, you get a quick tutorial on how the feature works. You basically have two ways in which to receive your code for the second authentication level. You can either install an app on your phone that generates the code each time you need to log in or you can give Facebook your phone number so that they can send you a text message with your code each time. Needless to say, the app method is far quicker. Text messages can take a minute or so sometimes.
A final tip
You don’t need to install a separate two-step verification app for each online account you have. Google’s Authenticator can work for practically any website.