WTF Is 2FA? (And Why You Need To Know)

This morning, I read a headline that likely caused a lot of panic…

“117 million LinkedIn emails and passwords from a 2012 hack just got posted online.”

If you’d like to go change your LinkedIn password, now would be a good time to do so. I’ll wait.

2FA is an acronym for two-factor authentication (or two-step verification).

Login Process Example (without 2FA):

In simplest terms, any login/authentication processes typically requires you (the user) to input at least two pieces of information:

  1. Your username (or user ID, email address, etc.)
  2. Your password (“12345“)

If your username and password are correct, the login/authentication process passes. Otherwise, it fails.

Login Process Example (with 2FA):

Two-factor authentication is a user/identity verification method that adds an additional step to the typical login/authentication process. This additional “second” step might involve a time-sensitive code generated and sent via SMS to your device.

Another popular method of implementing 2FA is to use a hardware device or software application (linked to your user account) that generates a new 2FA code every 60 seconds (that only you can see/access).

2FA makes it exponentially more difficult to hack anything behind a username and password.

The idea behind 2FA is that your device (or application) is physically linked to you (a phone app or key fob) or virtually linked to you (your email address), and without the randomized 2FA code (which only you can access) your username and password are somewhat meaningless.

You may be unfamiliar with the term “2FA” and the process, but many of the web-based services (i.e. web and mobile apps) we use every day have 2FA built into their registration and sign in processes — especially those with a financial component (i.e. your banking app and bank’s website).

In fact, here are ten websites/apps (that offer 2FA) many business owners use on a daily basis:

  1. Facebook
  2. Twitter
  3. LinkedIn (If you haven’t changed your password yet, do it. Seriously.)
  4. GoDaddy
  5. MailChimp
  6. Dropbox
  7. Google Apps
  8. Square
  9. PayPal
  10. Amazon

If you need assistance setting up 2FA for your small business, give us a holler. We’re happy to help!

Thank you for your time and attention, and enjoy your week.


Originally published at comnio.com on May 19, 2016.

Like what you read? Give COMNIO a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.