{"id":5036,"date":"2014-06-09T10:00:05","date_gmt":"2014-06-09T14:00:05","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=5036"},"modified":"2022-11-03T08:26:51","modified_gmt":"2022-11-03T12:26:51","slug":"what_is_two_factor_authentication","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/what_is_two_factor_authentication\/5036\/","title":{"rendered":"What is Two-Factor Authentication? Where Should You Use It?"},"content":{"rendered":"

We\u2019ve recorded podcasts<\/a> about it. We\u2019ve discussed it at length in a number of screencasts (which I have kindly embedded below). We\u2019ve mentioned it indirectly in countless articles. But we\u2019ve never taken the time to dedicate an article solely to explaining what two-factor authentication is, how it works, and where you should use it.<\/p>\n

What is Two-Factor Authentication?<\/h2>\n

Two-factor authentication is a feature offered by a number of online service providers that adds an additional layer of security to the account login process by requiring that a user provide two forms of authentication. The first form \u2013 in general \u2013 is your password. The second factor can be any number of things. Perhaps the most popular second factor of authentication is the SMS or email code. The general theory behind two-factor is that, in order to log in, you must know something and possess something. Thus, in order to access your company\u2019s virtual private network, you might need a password and a USB stick.<\/p>\n

Two-factor is no panacea to prevent account hijacks, but it\u2019s a formidable barrier to anything that would try to compromise an account protected by it.<\/div>\n

Two-factor is no panacea to prevent account hijacks, but it\u2019s a formidable barrier to anything that would try to compromise an account protected by it. I think it is pretty well known that passwords are severely flawed: weak ones are easy to remember and easy to guess; strong ones are hard to guess but hard to remember. Because of this, people\u00a0who are already bad at creating passwords<\/a>, use the same ones over and over again. Two-factor at least makes it so an attacker would have to figure out your password and<\/em> have access to your second factor, which would generally mean stealing your cell phone or compromising your email account.\u00a0<\/p>

What is two-factor authentication and where should you enable it? #security #passwords<\/p>Tweet<\/a><\/blockquote>\n

There\u2019s been a race to replace passwords, but nothing has emerged. As it stands, a good two-factor authentication system is about the best protection you can have. The second benefit to two-factor authentication systems, especially the ones that involve the reception of email and SMS passcodes, is that they let you know when someone has guessed your password. As I\u2019ve said probably 1000 times, if you receive a two-factor authentication code on your mobile device or in your email account and you weren\u2019t trying to login to the account associated with it, that\u2019s a pretty good sign that someone has guessed your password and is attempting to hijack your account. When or if this ever happens, it\u2019s probably a good time to go ahead and change your password.<\/p>\n

On What Accounts Should I Enable Two-Factor?<\/h2>\n

The simple rule regarding when and where you should enable two-factor is this: If the service in question offers it and you deem that account valuable, then enable it. So, Pinterest? I don\u2019t know. Maybe. If I had a Pinterest account I probably wouldn\u2019t be willing to go through the hassle of entering two authenticators every time I go to log in. However, your online banking, primary and secondary email (especially if you have a dedicated account recovery email address<\/a>), valued social networks (Facebook and Twitter perhaps), and definitely your AppleID or iCloud<\/a> or whatever account controls your Android device, if you have one, should all be protected by a second factor of authentication.<\/p>\n