With security threats at an all-time high a simple ‘username and password’ security protection approach is easy prey for cyber-criminals, they can compromise log-ins in a matter of minutes and steal private data, including personal and financial information.

Never fear, there are ways to make things a little more complex for cyber-criminals and save you from a potentially disastrous situation.

Two-factor authentication or multi-factor authentication (MFA) creates an additional layer to your security, it adds to the username and password model by creating a code only a specific user has access to (usually sent to something the user has immediately to hand i.e a mobile device). The best way to think of this authentication method is to think of it as ‘something you have and something you know’

Once you have used two-factor authentication on your device, you shouldn’t normally be asked to do so again, although, some services will only trust your device for 30 days or a year at which point you will be prompted to re-verify your details. Some companies like Amazon, for example, will give you the option to ‘trust a device permanently’ so for example if you have two-factor authentication active for Amazon, and want to buy something on a different device or a public computer, you will be prompted to enter a code that Amazon sends to your mobile device – in the authorisation dialogue there is a checkbox that lets you decide whether this device should be trusted in the future meaning you don’t have to constantly re-verify your information.

This solution is by means completely new to the market, previously you could employ two factor authentication by using ‘hardware tokens’, similar to solutions you would use for online banking or require a user to carry a fob which, inevitably meant the tokens were frequently forgotten, lost or expired because the hardware was reliant on the user. As technology has advanced ‘token-less’ solutions have come to the market, making life easier for users (and IT departments that look after them!). Benefits of ‘token-less’ solutions are they are quicker and cheaper to set up and simple to maintain across many networks. The token-less solution is extremely secure and extremely cost-effective.

Multi-factor or two-factor authentication can be used by all businesses of all sizes, the process can help to reduce the likelihood of identity theft and phishing scams because criminals cannot compromise log-ins with usernames and password details alone.
There are many services available that offer two-factor authentication (MFA), including:

  • Google
  • Yahoo!
  • Paypal
  • Apple
  • Dropbox
  • Microsoft 365
  • Facebook
  • Twitter
  • LinkedIn

and many, many more.

If you need to check if a site offers two-factor authentication you can do so by checking this website: https://twofactorauth.org/