From our newsletter: Last time we covered Passwords, Password Managers & Data Breaches, and we’re adding to that this week by talking about how to secure your accounts even further by adding Multi-factor Authentication.
Multi-factor Authentication (also known as Two-factor Authentication, 2FA or MFA) is an extra layer of security that requires not only something you know, but also something that only you possess.
The “something you know” is typically a password, but as we covered in our last newsletter, these are often not strong enough or have been leaked in a data breach.
Security can be hugely increased by adding “something you have”, such as a card reader (Internet banking), a security code sent to your mobile via SMS, or a one-time password (OTP) generated by an authenticator app on your phone.
Last year, new banking regulations came into effect which required online retailers to support 2FA. It is likely that you have experienced this by being asked to enter a code sent to your phone via SMS when shopping online.
But 2FA isn’t just for online banking and payments; it is supported by thousands of online services to offer you extra security for free. If your password is somehow compromised, it is impossible for someone else to log in to your account if 2FA is enabled (unless they also have your phone!).
At the very least, you should enable 2FA for your email account as this is key to a hacker gaining access to your online world. All major email platforms support 2FA including Office 365 and Gmail.
How do I set this up?
Each service will have a guide to help you enable 2FA, but it typically involves pairing your account to an authenticator app on your mobile phone. There are several apps available; one of the most popular is the Authenticator app by Google, which is available for both Android and iPhone. The pairing process is done simply by scanning a QR code displayed on the screen with your phone. Now each time you log in to the service, you will be asked to enter a 6-digit number generated by the app. This code changes every 30 seconds to stay secure.
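Authenticator apps of this kind normally produce their codes with the TOTP algorithm (RFC 6238): the QR code carries a shared secret, and both the phone and the service derive the same 6-digit number from that secret and the current 30-second time window. The sketch below is an added example, not code from any service mentioned here; the pairing URI, account name and secret are constructed (the secret is the published RFC test key), and the function names are our own.

```python
import base64, hashlib, hmac, struct, time
from urllib.parse import urlparse, parse_qs

# Constructed pairing URI of the kind a QR code encodes. The secret is the
# RFC 6238 test key "12345678901234567890" in base32, not a real account secret.
PAIRING_URI = ("otpauth://totp/Example:alice@example.com"
               "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
               "&issuer=Example&digits=6&period=30")

def parse_pairing_uri(uri):
    """Return (secret_bytes, digits, period) as the phone reads them from the QR code."""
    params = parse_qs(urlparse(uri).query)
    secret = base64.b32decode(params["secret"][0].upper())
    digits = int(params.get("digits", ["6"])[0])
    period = int(params.get("period", ["30"])[0])
    return secret, digits, period

def totp(secret, unix_time, digits=6, period=30):
    """Derive the code for the time window that contains unix_time."""
    counter = int(unix_time) // period            # changes every `period` seconds
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret, submitted, unix_time, digits=6, period=30, drift_steps=1):
    """Service-side check: accept the current window and its neighbours,
    which tolerates a phone clock that is slightly off."""
    for step in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, unix_time + step * period, digits, period)
        if hmac.compare_digest(expected, submitted):  # constant-time comparison
            return True
    return False

if __name__ == "__main__":
    secret, digits, period = parse_pairing_uri(PAIRING_URI)
    now = time.time()
    code = totp(secret, now, digits, period)
    print("code shown by the app right now:", code)
    print("accepted by the service:", verify(secret, code, now, digits, period))
    print("same code three minutes later:", verify(secret, code, now + 180, digits, period))
```

Because the code depends on the secret stored on the phone, a leaked password alone does not produce a valid code, and a code that has been seen once stops working as soon as its time window has passed.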
Where can I use Multi-factor authentication?
Popular services that support 2FA include HMRC, Mailchimp, Twitter, Facebook, LinkedIn & Amazon. You can view a list of websites and whether or not they support 2FA at https://www.daito.io/2fa/