This week, I want to talk to you a bit about two-factor authentication. It’s something that’s getting harder to avoid if you use online accounts – but it’s really not as scary as it sounds.
If you have an account with Apple, Google, Microsoft, Facebook, Amazon… any of the big tech firms… you’ll probably have been asked to set it up. And, of course, banks now use two-factor when you pay for something online using your credit or debit card.
It might feel like just another bit of fancy tech – getting in the way and making life more difficult – but it’s there to keep your account safe and secure…
What is two-factor authentication?
Two-factor authentication sounds scarily technical, but at its simplest it’s just proving who you are using two different methods. It’s not actually anything new either: for example, when you get money out of a cash machine you need the combination of your bank card and your PIN to withdraw anything.
All online accounts already have “one-factor” authentication, or as I like to call it, a password. Typing in your password when you log in to your account tells the company it’s you. But as you often hear in the news, hackers can get hold of passwords. Two-factor authentication adds a second level of security by getting you to also type in a short numerical code that only you can access. For example, one that’s texted to your mobile phone. It’ll then only let you into your account if you type in the right password and the right code.
The code only works once, so you need a new one each time you log in. This might sound like a right pain, having to type in your password and fiddle about getting a code each time you want to log in, but if you use a device regularly (for example your laptop at home), you can usually tell it to “trust” that particular device so it doesn’t ask for a code every time.
Why does it make my account safer?
It’s safer because you need both your password and a code to get into your account. This means that if some nasty hacker finds out your password, they still can’t get into it because they don’t have the code. Two-factor authentication isn’t foolproof, but it is much safer than just using a password.
How do you set it up?
Log in to your account as normal using your password. You might then be asked to set it up, but if you aren’t you’ll be able to find it in your account settings or security settings. Look for something like “two-factor authentication”, “2-step verification”, “login verification” or “login approval”.
First you’ll have to choose how to get your code (sometimes called a “verification code”). There are two main ways:
- A text message to your mobile phone.
- Using an authenticator app on your phone or tablet. These are free from the app store, and any one will work. For example, I set up two-factor authentication on my Amazon account using the Google Authenticator app. Once you’ve got the app, you use it to scan a QR code on the screen of whatever you’re trying to log in to (a QR code is a bit like a fancy barcode). It’ll then generate a code for you to type in.
Make sure you choose a backup method too, in case you can’t get the code in your preferred way (e.g. if you’ve got no mobile phone signal). That might be sending you an email, or some companies give you a list of codes to use in emergencies that you print off or write down and keep in a safe place.
An important point to remember
Every time you try to log in on a new device you’ll have to type in a code to prove it’s really you. So remember that you’ll need access to the thing your code comes from – either your landline or mobile phone. If you lose or break your phone, or just change your number, you can use your backup method to get into your account.
I hope that’s made it all a bit clearer.
Until next time