For years, most people have used single-factor authentication to protect their online services. In other words, many websites only require one kind of information — something you know — to log in, usually just a username and password. Enabling two-factor authentication drastically reduces the risk of getting hacked.
What is Two-Factor Authentication?
Authentication is the process by which you "prove" your identity to a computer system, by logging in. Two- or multi-factor means you confirm who you are in more than one way. In many cases, a second hurdle to the login process might require use of something you have, like access to a cellphone. Many online banking institutions now call for this heightened security measure when signing on to their sites.
How Does it Work?
Some services demand additional information, like cellphone numbers and second or third email addresses, when establishing an identity with them. Then, whenever anyone attempts to login, he or she is asked to verify receipt of a unique code sent to the phone or one of the email addresses on file. The assumption is that an unauthorized person will not have access to the account holder's phone.
Do You Know Anyone Who's Been Hacked?
Have you ever received fake messages from a person you know that urges you to click strange links? Chances are your friend's account was hijacked. If you think about it, any website that needs only a username and password will grant entry to anyone from anywhere in the world, from any device, if the right answers are provided. However, if the site also needs proof that a person can retrieve a unique code, like a text message sent to a specific telephone number, then it's much less likely that someone in another country can get into your friend's account — even if they have the password.
How Can I Enable it?
Whether you can enable multi-factor authentication depends on the online service you're using. Check the security settings to see if there's an option.
Watch this 3-minute video to see how Google's "2-step verification" works.
Are There Any Risks?
Yes. There are a few things to think about when adding this extra layer of security. For example, what happens if you lose your phone? Read about Common issues with Google 2-Step Verification.
Which Services Support Two-Factor Authentication?
The list of services is growing all the time. Below are just a few of them.
See Evan Hahn's extensive two-factor authentication list. It doesn't cover everything, but it's a great start.
Consider enabling two-factor authentication to help protect your online identity from unauthorized access.