A lot of our online habits put our personal information at risk and make us vulnerable to identity theft.
Such as…using the same password on more than one site; downloading files and apps from unsecure websites; posting personal information on social media commonly used for Security Questions; clicking on links in email messages, etc.
An Extra Layer of Protection.
Imagine that you’re shopping at store and you present a credit card for payment. The cashier looks at you and asks, “Do you have a photo I.D.?” Even though it might seem inconvenient to dig into your wallet or purse again to get a driver’s license or school I.D., it’s not too upsetting a request for most people because they know the cashier is taking an extra step to make sure the credit card belongs to them.
That’s the idea behind two-factor authentication (2FA) in the online world – it helps keep the bad guys out of an account…even if they were to somehow know your password for that account.
On many websites (Google, Outlook, etc.), this security feature is called two-step verification.
2FA. What It Is and How It Works.
Factor One: Name and password. When you open an online account, whether it’s an email account or retail account, you start by creating a username and password. From then on, that’s all you need to access your account. The password being the more important of the two, of course, doesn’t always mean you’re safe.
Passwords can be violated, discovered, revealed, and even guessed by hackers.
It happens all the time.
Factor Two: Double checking your identity. When a website has the 2FA option in place—and if you have activated/implemented the feature—you must clear one more hurdle before getting access to your account.
Or, to put it in proper perspective, an imposter trying to access your account would also have one more hurdle to clear.
With this extra layer of security, using your username and password isn’t sufficient to get into your user account on a website.
Why? Because you also need to enter a special one-time code during the login process; a secret code that the website typically will text to your smartphone (which they will have on file).
The code is usually a random 6-digit number. Think of it as a one-time security PIN (personal identification number) that will verify you. When you enter the additional 6-digit number, your user identity will be verified and you’ll have account access.
Hackers, stay out!
You can see how 2fA is virtually hacker-proof. Because the hacker doesn’t physically have your smartphone, there’s no way they can get 2FA code—the all-important second factor.
Here’s how Google explains it to its customers.
Google offers 2FA to everyone who open a Google account.
Here’s how Google explains the protection of two-factor authentication:
Protect your account with 2-Step Verification!
Each time you sign in to your Google Account, you’ll need your password and a verification code.
Signing in to your account will work a little differently: You’ll enter your password. Whenever you sign in to Google, you’ll enter your password as usual.
You’ll be asked for something else. Then, a code will be sent to your phone via text, voice call, or our mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.
Here is the bottom line.
2FA protects your online activity the same way the store cashier protects you by asking for additional identification when you use your credit card.
Start looking at the privacy features on your favorite websites—particularly where you’re required to use a username and password.
See which ones offers two-factor authorization…and use it.
It is a simple and smart way to add an extra layer of protection.