Identity thieves are becoming ever more sophisticated. This means that we not only need to be more vigilant. But we also need to use more sophisticated methods to protect our personal information. One of those methods is Two-Factor Authentication. And in this article we will explore how Two Factor Authentication can help protect you from identity theft.
What is Two Factor Authentication
Two-factor authentication (sometimes called "2FA" or "multi-factor authentication" ) is a security process that requires you to provide two means of identification. The point of two factor authentication is to help protect you from identity theft. Let's explore how 2-factor authentication does this.
2FA basically adds an extra step to your standard log-in procedure to better protect your information, as passwords alone are not always enough. Without two-factor authentication, you simply enter a password and username with the password serving as a single factor of authentication.
Now you need to perform a second level of identification, which can include:
- Answering a personal or secret question (such as the city where you were born); or
- Receiving a text message with a one-time code.
- The fingerprint sensor on your phone.
Two factor authentication was patented in the 1980s. While you have probably noticed it becoming more common when you log on to Twitter, Bank of America, and other websites. It's also used in the real world.
For example, 2-factor authentication is becoming more common when you call customer service. This is because some scammers in the past have been able to convince customer service reps that they were you just by providing some basic information (such as your address!) or even just guessing and having the CSR "help them out".
And while these extra steps will seem annoying and a delay, this small extra investment of your time can pay huge dividends in protecting you from identity theft.
How Two-Factor Authentication Works
A good example of two-factor authentication is what you do when you withdraw money from an ATM. Along with using your bank card (the first factor), you need the correct PIN number.
This extra level of security works to help prevent thieves from being able to steal your money or identity by stealing a single item (whether it is your password of choice or your debit card).
Also known as multi factor authentication, this system requires a username and password plus something else that only the user possesses.
The second factor usually comes in one of the following forms:
- Knowledge factor, or something you know. This may be a PIN or an answer to a secret question.
- Possession factor, or something you have. This may be a bank card, a security token, or a smartphone that receives a code.
- Inherence factor, or something you are. This usually comes in the form of biometric data that uses technology to analyze a fingerprint, voice pattern, or retina scan.
Can Two-Factor Authentication Really Protect Your Identity?
Most attacks come from remote online connections, and 2FA can make these attacks less of a threat because the attacker is unlikely to have a physical device like a smartphone or additional information necessary to access an account.
One of the biggest problems with single-factor authentication is using passwords requires creating strong passwords and keeeping track of them. Passwords must be protected from inside threats like throwing away an old hard drive and outside threats from hackers who gain access to a website's data. Or, the most common threat: always using the same, easy to remember password.
Plus, with enough time, attacks can usually breach a password-based security system.
Two-factor authentication also helps you when dealing with other humans, who can be mislead by enterprising identity thieves. If you need to answer a secret question a random stranger will not know, it certainly helps prevent charismatic operators from fooling someone on the other end of the phone.
Two-factor authentication is definitely a step up from requiring just a password, but it's not immune to hackers. By making it harder to access your account, you will be making most common types of hacks harder to accomplish.
To hack a two-factor authentication system, hackers need to acquire a physical component of the log-in (which may be your cell phone or a card) or get access to tokens placed on a device.
Watch Out for Account Recovery Backdoors
Two-factor authentication can reduce cases of online identity theft as well as email phishing because criminals need more than just your username and password to access your accounts. The factors are always independent, so compromising one will not cause the other factor (or factors) to fail.
But hackers can also gain entry by using an account recovery feature, which resets your password and emails you a temporary password. And, unfortunately, account recovery systems often bypass two-factor authentication completely.
Let's hope more account recovery systems start becoming more sophisticated to help protect your identity.
Where Can You Use Two-Factor Authentication?
While not all websites have two-factor authentication, a growing number of websites and banks are implementing it. Here are some popular services that support 2-factor authentication, and how to enable it to make your account more secure.
With Apple's two-factor authentication program, you will get a 4-digit code via text message when you try to log in from a new device. Click here to enable Apple ID on your devices.
Google will send you a 6-digit code via text message if you try to log in from a new device. It also works with the Google Authenticator app. Click here to enable 2-Factor authentication for your Google account.
Dropbox will text you a 6-digit code when you try to log in from a new device. It also works with the Google Authenticator app and other authentication smartphone apps. Go to your Dropbox Account Settings to enable 2FA.
Facebook's Login Approvals system sends you a 6-digit code via text message when you try to log in from a new device. It also works with the Google Authenticator app and the Facebook app's Code Generator feature. Enable Login Approvals here.
With the PayPal Security Key enabled, PayPal will text you a 6-digit code if you try to log in from a new device. Click here and register your mobile phone number to get started.
After enabling 2-factor authentication on Twitter, you will get a 6-digit code via text message if you try to log in from a new device. Go to your Twitter Security settings to enable 2FA.
WordPress supports two-factor authentication through the Google Authenticator plugin and the Google Authenticator app. Install the Authenticator plugin to get started.
You can visit TwoFactorAuth.org to see a fairly comprehensive list of sites that support two-factor authentication. You can search for your favorite websites or bank, or browse categories like payments, banking, education, health, and social.
Also, if you are interested in learning more about identity theft protection services, check our article here.