
How and why to use two-factor authentication

Two-factor authentication is the safest protection system for digital accounts

Personal data protection: why use two-factor authentication

Two-factor authentication (2FA) is a security protocol based on the joint use of two authentication methods to prevent breaches of sensitive data.

To better understand how two-factor authentication works, let’s start from the basics. Generally, the identity of a remote user is verified through two main security features: identification and authentication.

In the identification phase, the user who wants to access a system (e.g. a computer or an ATM) declares their identity by entering a username. This information is not secret.

Once the digital identity is clear, the system asks the user to demonstrate it through the use of a password linked to the username. The password, unlike the username, is secret information that must be kept with the utmost care.

The combination of the two elements authenticates the user to the system but presents several critical issues from a security point of view. In fact, having strong and unique passwords today is not enough to thwart password cracking attacks and protect your digital life. Furthermore, the theft of personal data is often caused not by the user but by a breach of the site where the password is registered.

This type of authentication is therefore weak because the security of the account depends on only one factor, namely the password.

To increase the security level of your accounts, two-factor authentication is the better choice. It is an authentication method that provides greater security than normal logon credentials (i.e. username and password).

Let’s find out how two-factor authentication works and what the advantages of this security protocol are.

What is two-factor authentication and how does it work?

Two-factor authentication, which in the banking sector is called Strong Customer Authentication, is the safest protection system for your accounts. It involves the use of multiple factors during the authentication process.

These factors can be of three types:

  • Something that the user knows (for example: a password or PIN);
  • Something that the user has (for example: a smartphone or a security token for home banking);
  • Something that the user is (for example: fingerprint, voiceprint, retina or iris, or other biometric data).

A system uses two-factor authentication when it requires two different authentication methods from among those listed above.

How does two-factor authentication work? After entering the username and the first authentication factor, that is, the password, the system asks the user for an additional factor to access their account.

Generally, the most used second factor is “something the user has” and involves entering a numeric code that the user receives via a text message on their smartphone or by using a security token.

A classic example of two-factor authentication is logging into your bank account using an ID, a password, and a one-time password (OTP). The OTP is a disposable password generated through a token that is valid only for a single login session or transaction.
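The login flow described above, as an added example that is not part of the original article: a server checks the password first, then an OTP, and refuses any OTP it has already accepted. It assumes the token is time-based (TOTP, RFC 6238, built on HOTP from RFC 4226), which the article does not specify; `Account`, `login` and the sample secret and salt are hypothetical names and constructed values.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (RFC 6238 default)
DIGITS = 6   # length of the code the user types in

def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Account:
    """Hypothetical server-side record: password hash plus the token's secret."""
    def __init__(self, password: str, salt: bytes, otp_secret: bytes):
        self.salt = salt
        self.pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        self.otp_secret = otp_secret
        self.last_counter = -1   # highest time step already accepted

def login(acct: Account, password: str, otp: str, now: int, window: int = 1) -> bool:
    # Factor 1: something the user knows.
    pw = hashlib.pbkdf2_hmac("sha256", password.encode(), acct.salt, 100_000)
    if not hmac.compare_digest(pw, acct.pw_hash):
        return False
    # Factor 2: something the user has (the token that holds otp_secret).
    current = now // STEP
    for counter in range(current - window, current + window + 1):
        if counter <= acct.last_counter:
            continue   # this time step was already used: the OTP is single-use
        if hmac.compare_digest(hotp(acct.otp_secret, counter), otp):
            acct.last_counter = counter
            return True
    return False
```

The `window` parameter tolerates one time step of clock drift between token and server; the `last_counter` check is what makes a captured code useless once it has been accepted.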

When is the 2FA security protocol preferable? Today, most online services allow the user to use two-factor authentication. In addition to being useful, it is essential for protecting the password manager, the e-mail account, social accounts and transactions related to online purchases.

Why use 2FA? 3 advantages of two-factor authentication

According to data shown by Microsoft during the RSA Conference 2020, of over 1.2 million accounts hacked in the first month of 2020, 99.9% had not activated 2FA.

Let’s see the three main reasons why enabling two-factor authentication is important:

  1. It is the most effective security measure to protect your accounts from the threat of identity theft;
  2. It counteracts the phishing attacks that cybercriminals use to collect your sensitive information and data;
  3. You no longer have to remember countless codes or passwords; instead, you can use, for example, your biometric data.