For the Love of Your Children, Please Enable the 2-Factor Authentication!
You set up your account. Maybe it’s a new email. Or you finally took the plunge you’ve decided to try that new app. Whatever it is, you’re almost finished and you just want to start using it.
Then the question appears.
Would you like to enable two-factor authentication?
You stare for five seconds before you do what you always do.
“Nope.”
Not now, anyways. Maybe tonight. Or next week.
Although it’s almost always presented as something optional, the two-factor authentication function might just be the extra layer of security you need in today’s digital world. Consider this: If your bank told you that you could now access your account at the ATM using only your PIN and your name because they wanted to phase out debit cards, would you feel as safe about your money?
Probably not.
That’s because your card serves as a form of two-factor authentication. It’s a physical token that only you should have on you. In theory, only you should have both the card and your account PIN on you. Therefore, someone can steal the card, but they can’t access your account and withdraw your funds without knowing the PIN. The same applies to a situation where someone oversees you typing in your PIN but they don’t have your card.
Two-factor authentication (or 2FA) is not really a new security measure. Companies patented the idea of a “method and apparatus for positively identifying an individual,” as early as the 1990s. The problem was it required a hardware or software token, which was an expensive proposition at the time. Most people couldn’t afford a card reader or fingerprint scanners. Even in 2012, when Blizzard Entertainment, the publisher of the World of Warcraft games, tried to get its users to buy hardware tokens to protect their accounts, they were hit with a lawsuit by their own customers. Users believed they were being gauged and stated the publisher should have done more on their end to protect their data. Enter the smartphone. Now you had a device that only a single individual would have access to that didn’t cost an arm and a leg that could be used for multiple purposes.
So the concept of 2FA is not really that new. That being said, it’s not going anywhere soon because it’s still one of the most efficient methods of protecting data. In fact, Facebook just overhauled its 2FA feature earlier this year after the Cambridge Analytica scandal. Now you can use apps like Google Authenticator and Duo instead of just your phone number to secure your account. Still, there’s one issue with 2FA. People need to activate it. Facebook’s security communications manager, Pete Voss, didn’t even wish to disclose what percentage of users had actually activated the feature. Getting users to take the time to enable it has been the biggest challenge.
If you’re still not sure if the apps you’re using are truly 2FA, use TwoFactorAuth.org. The site gives you a complete list of applications that use 2FA systems. Just type in the name it will pop up.
Is 2FA the be-all-end-all of cybersecurity solutions? No. That would be wishful thinking. There are always changes in data security as software gets more sophisticated. But it is an extra layer of security that can protect your most valuable data for only two extra minutes of your time. So the question shouldn’t be “Why should I activate my 2FA protocol?” but “Why haven’t I done so yet?”
Works Cited
BBC. “Blizzard Sued over Account Security Aids.” BBC News, BBC, 12 Nov. 2012, www.bbc.com/news/technology-20294807.
Jones, Brad. “Two-Factor Security Is the Best Lock for Your Digital Life, but It’s Not Perfect.” Digital Trends, Digital Trends, 20 Jan. 2017, www.digitaltrends.com/computing/why-2-factor-security-is-flawed/.
Matsakis, Louise. “Facebook Is Beefing Up Its Two-Factor Authentication.” Wired, Conde Nast, 25 May 2018, www.wired.com/story/facebook-two-factor-authentication/.
Rosenblatt, Seth. “Two-Factor Authentication: What You Need to Know.” CNET, CNET, 24 May 2013, www.cnet.com/news/two-factor-authentication-what-you-need-to-know-faq/.
SecurEnvoy. “What Is 2FA?” What Is Two Factor Authentication?, SecurEnvoy, 2018, www.securenvoy.com/two-factor-authentication/what-is-2fa.shtm.
Weiss, Kenneth P. Method and Apparatus for Personal Identification . 30 Apr. 1992. Patent.
