Mastering two-factor authentication

Two Factor Authentication

Online shopping – it’s a convenience that can become a liability if security isn't your first checkout item.
Frank Abagnale


Two-factor authentication (2FA) adds an essential layer of security to your online accounts by requiring two forms of identification before granting access. The first factor is something you know, such as a password or PIN. The second is something you have, like a smartphone that can receive a verification code or run a 2FA app. This method significantly decreases the chance of a security breach since even if a hacker obtains your password, they won't have the second necessary credential.


To set up 2FA, you'll usually start by going to the security settings of your account profile on the desired service's website. Look for an option labelled "Two-factor authentication," "Two-step verification," or something similar. You'll have options to receive your second factor, such as through a text message, authentication app, or email. For smartphone authentication, you can choose to receive a text message or use an app designed for 2FA, like Google Authenticator or Authy.


When using an app for 2FA, you have several reliable options. Google Authenticator is a popular choice due to its simplicity and ease of use. It works by scanning a QR code provided by the service you're securing, which then syncs the service with the app. Authy offers a similar service but with the added benefit of backing up your 2FA tokens to the cloud, allowing for easier recovery if you lose your device. Choose an app that suits your level of comfort and convenience.


Activating 2FA with a smartphone involves a few simple steps. After selecting "2FA" in your account's security settings, choose 'Authentication App' as your preferred method. Open your chosen 2FA app on your smartphone, scan the provided QR code, and a six-digit code will appear in your app. Enter this code back on the website to verify the setup. Make sure you complete this process within any time limits set by the service, as these codes often refresh every 30 seconds for security reasons.


When you enable 2FA, you'll usually be given a set of backup codes. These codes are crucial if you lose access to your phone and can't receive your 2FA codes. Store these backup codes in a safe place—not on your computer or smartphone, as these can be compromised. Some services also allow for the use of a backup phone number or backup authentication app, which you should set up as a failsafe.


To maintain security, periodically check the 2FA settings on your accounts to ensure everything is up to date. If you change your phone number or switch phones, remember to update your 2FA settings accordingly. Also, if your chosen 2FA app allows for it, enable the app's security features, such as a PIN or biometric check, to protect the app itself.

Stay informed, shop assured, and secure your peace of mind

By following the steps above, you can safeguard your online accounts against unauthorised access. Two-factor authentication isn't just an optional extra layer of protection; it's becoming a necessity for anyone serious about personal cyber security. The time invested in setting up 2FA is minimal compared to the security and peace of mind it provides.

Leave a Comment

You must be logged in to post a comment.