Billions of people worldwide were impacted by cyber attacks in 2018 (yes, BILLIONS). In fact, one report says 765 million became victims between April and June of last year alone.
At this point it’s really not realistic to think it won’t happen to you. Chances are, it will—but that doesn’t mean you have to make it easy. Adding an extra layer of security to your accounts can help reverse those odds. That layer is called two-factor authentication (2FA) or multi-factor authentication (MFA).
We’ve touched on this topic before, but it’s worthy of all of your attention and it’s own blog. It could be a key piece of security you’re missing.
What is two-factor/multi-factor authentication?
Consider how you usually log in to a website. You provide your username and password—two pieces of information that you know. The problem is, both of those can be stolen if a website is hacked or if you fall for a phishing scam.
The idea behind two-factor or multi-factor authentication is that you need more than one piece of information to log in—something you know (i.e. passwords or security questions) PLUS something you have (i.e. grid cards or authenticators on your phone).
Is two-factor the same as multi-factor authentication?
Two-factor authentication is really just a type of multi-factor authentication. By definition two-factor authentication requires more than a single type of information, therefore it is multi-factor.
All of that said, multi-factor isn’t necessarily the same as two-factor. Why? Because beyond two-factors, you can actually add more. Multi-factor authentication can include:
- Something you know (i.e. passwords or security questions)
- Something(s) you have (i.e. grid cards or authenticators on your phone)
- Something you are (i.e. fingerprints or eye scans)
Because requiring three, four, or even five layers of security is so cumbersome for daily life, you probably won’t run into this any time soon (unless there are new technology breakthroughs, of course!).
Tips for using two-factor/multi-factor authentication
- If you are prompted to approve a login when you are not attempting to access your account, you should change your password immediately. Hopefully, you are not using this same password elsewhere, if you are, you should change it in all those other places as well.
- Check all of your accounts to see if you can turn on multi-factor authentication as an added layer of security. You should check your bank, personal email, health services, and social media sites, just to name a few.
- Make sure you watch out for two-factor authentication scams
- Do your own research to learn more about why this is so important:
- US-Cert: Supplementing Passwords
- Lock Down Your Login: 2018 National Cyber Security Awareness Month Toolkit
- See if your password has been hacked at Pwned Passwords