As the Internet becomes increasingly interactive and the number of online threats continues to grow, more and more web-based services are realizing that two-factor authentication is more than just a good idea.
Instead of relying on just a password or secret question to confirm your identity, it heightens Internet security by confirming that you are really the person that you say you are — beyond the online world. For example, each time you use your ATM card at your bank, you are using two of the three typically recognized factors for authentication. These factors include: something you know (such as a password), something you have (such as an ATM card, hardware token, or cell phone), and something you are (such as your fingerprint). Two-factor authentication requires the system to use two of these – hence the name. When it comes to Internet security, the most common combination requires a password and a one-time code that is generated by a token or sent to a cell phone.
Here are just some of the Web-based services that have systems for giving users the ability to turn on and use two-factor authentication.
• Dropbox: This file sharing service offers a two-step verification process, requiring users to enter their password and a special security code that is sent to their cell phone via text message or the Dropbox mobile app.
• Gmail and Google Docs: Your Google accounts can be set-up to send codes via SMS text message or voice call to your cell phone. If you have a smart-phone, you can later download an app that allows you to generate codes without text messages and even without cell service.
• Facebook: This popular social network recently implemented Login Approvals, which is used when the site detects a login attempt from an unrecognized computer. To complete the login process, this two-step verification prompts a user to enter a mobile code, which is sent to his or her phone via SMS text.
• Yahoo! Mail: Like Facebook’s Login Approvals feature, Yahoo! Mail’s two-factor authentication process comes into play only after a suspicious account sign-in attempt. Yahoo will send you the verification code via text message to the mobile number that you previously saved to your account.
As you read this blog post, you may be wondering if two-factor authentication is overkill or asking yourself if it really makes a difference. If you ask us, we prefer the extra layer of security.
As more people interact online, it’s no longer just enough to rely on a password for authentication. And sites that let you change your password by answering a secret question are becoming easier to bypass. Social networking sites and forums increasingly give hackers the opportunity to learn just enough about you so that they are capable of guessing your password and figuring out the answer to your questions.
Adding an additional layer of security via two-factor authentication to all your online accounts can go a long way towards protecting you from online identity theft and phishing attacks, preventing any sensitive data or financial information from being compromised, and ultimately saving you time, money and a lot of unnecessary hassle.