Connect with us

What is two-factor authentication and why should I care?

Knowledge Hub

What is two-factor authentication and why should I care?

Introduction

We are all used to entering our email address and passwords before being granted access to our online accounts. Technically, this is referred to as single-factor authentication. Today, we will look at two-factor authentication (2FA), the security process that requires a user to verify their identity in two unique ways before they are granted access to a service or system. 

What is the second factor?

The second factor is intended to bring in a layer of extra security. In addition to entering your username and password, you may be required to enter a code that is dynamically generated, has a short lifespan and can only be used once. This is referred to as “one-time password” or “OTP”. Alternatively you could use something you have such a cellphone or even your fingerprints and iris to log in. Other types include email token, where an email with a link is sent to a user who has to click on it before access is granted. Phone calls and software tokens can be used as a second factor to authenticate accesses.

Can 2FA be flawed?

Since the whole process of 2FA usually involves the transfer of security codes from one place to another, it’s possible for attackers to intercept these codes. But that said, it’s not really easy to intercept the code.

For example, the SMS-based 2FA can be flawed by tricking the user into installing an Android malware that will serve as a rogue listener for the attacker. After it’s installed, it will listen for all incoming messages on the user’s phone and then POST its content to a rogue server where the attacker can collect them. That’s extra work on the side of the server.

So yes, it can be flawed, but it requires extra effort.

Should I enable 2FA?

Even though 2FA can be flawed, enabling it can save you from a lot of harm. The advantage of enabling 2FA is that, after an attacker spends hours/days trying to crack your password; he/she can still not access your account. In situations where a company’s database is stolen by hackers, having 2FA enabled ensures that your account is still safe from the hackers.

Taking this extra step in the authentication process not only frustrates hackers, but also reduces your risk of becoming a victim of fraud or identity theft.

So yes, you should enable 2FA. It provides you with an extra security layer.

Continue Reading
You may also like...

1 Comment

1 Comment

  1. Julius Appiah

    1st March 2018 at 12:40 pm

    great Piece…

Leave a Reply

Your email address will not be published. Required fields are marked *

More in Knowledge Hub

Popular Posts

All categories

Happening in Ghana

Tech Hub Tour: iSpace Foundation

By 17th May 2018

Happening in Ghana

Exclusive Tech Tour: Ho Node Hub

By 15th May 2018

Happening in Ghana

Event Recap: Figma Accra Design Roadshow

By 15th May 2018
J Cole

Happening worldwide

J Cole wants to allocate tax money with an app

By 25th April 2018

Happening worldwide

Cloud War: Dropbox vs Google Drive vs OneDrive

By 19th April 2018
To Top