The Now: What is Two-Factor Authentication?

Lesson 30: What is Two-Factor Authentication?


What is two-factor authentication?

Using a strong password for your online accounts is a great start toward protecting your personal information, but you can do more to help your online security. With the constant threat of identity and data theft looming, numerous websites have begun offering users the ability to use two-factor authentication in order to strengthen security.

Two-factor authentication is a security method that requires a user to enter two of three types of information to gain access to an account or area. The three types of information are:

  • Something you know, like a password or PIN
  • Something you have, like your ATM card, or your phone
  • Something you are, like a fingerprint or voice print

Two-factor authentication helps preserve the safety of your data even if someone learns part of your access information. This method of security has been around for decades, but it has become more common in the digital world. A classic real-world example of two-factor authentication is how you need both an ATM card (something you have) and a PIN (something you know) in order to withdraw money from an ATM.

What are the most common types of two-factor authentication?

The most common type of two-factor authentication involves sending a text to your phone. After entering your password on a site, it will send a unique one-time code via text to the phone number on your account. You will need to enter the code into the site in order to verify your identity and access your information.

Email confirmation is also frequently used. When you submit your password, the site sends you an email with a one-time code. You’ll need to access your email and enter the code into the site to access your account.

What are the downsides?

Despite the greater security it provides, two-factor authentication does have some downsides:

  • The need for a physical object: If you use your phone to receive one-time codes, you will always need to have it ready in order to access your account.
  • Unavailability: Many companies haven’t invested in two-factor authentication systems due to the cost of upgrading, so many sites still only have basic security.
  • Longer login time: It takes a little longer to sign in to an account with two-factor authentication.

What sites use it?

Google, Amazon, PayPal, Facebook, Apple, Dropbox, and many more offer this additional layer of security. Even video game services like Steam and Xbox Live provide two-factor authentication for users.

Online security will continue to evolve as the digital world grows more complex, and two-factor authentication is an extra step you can take to protect your sensitive information from thieves and hackers. We definitely recommend using two-factor authentication for your online accounts, especially for accounts that hold sensitive personal data.