Multi-factor authentication is for everyone 🔐➕🔑

This is the second part of the 2-part series on access control and account security. If you haven’t already, read Part 1: The beginner’s guide to using a password manager.

What is MFA?

Multi-Factor Authentication (MFA) is an additional layer of access control beyond user ID and password credentials for your online accounts. MFA-enabled accounts require a unique authentication key in addition to your user ID and password to verify your identity.

Common implementations of MFA use 2 factors (a password and an additional key) for granting access to accounts. Hence this configuration is known as 2 Factor Authentication (2FA), which is a subset of MFA.

How is 2FA implemented?

Examples of additional authentication factors include:

How can you adopt 2FA?

The easiest way for people to use a secure 2FA setup is with a dynamic time-based one-time-password (TOTP) generator.

Step 01: Enable 2FA for your online account

To set up 2FA in for any account, you firstly need to enable usually from a security settings menu. Then you will receive

Step 02: Safely store the TOTP generation token and back-up codes

You may store the TOTP token in the 2FA generator app. If you are looking for an app recommendation, Authy is quite popular and reliable. This token is the basis for generating your TOTPs from time to time. It is also the only way to generate a valid TOTP.

In case you lose the token or your TOTP generator fails, your only recourse is to use one of the few one-time-use back-up codes which you received in step 01. If you do so, you should proceed to reset your 2FA token and back-up codes for future use.

Step 03: Log in to your account using 2FA

Remember that the TOTP has only a limited validity period, after which it lapses and a new one is generated, usually with a 30s interval.

Conclusion

Your accounts are not completely safe even if you use a complex password and a password manager. You can significantly improve your account security by adding an additional layer of access control in the form of 2 Factor Authentication or 2FA. This setup requires minimum effort, and a 2FA key generator application to enhance security of your accounts.

If you use 2FA, in the event your password is disclosed to or discovered by someone else, your account will not allow them to gain access unless they also provide the dynamic 2FA key, which significantly reduces the odds of unauthorised access.


#productivity #technology

Read more Part 1: The beginner’s guide to using a password manager