the tech boomer
the tech boomer

Helping you navigate the world of tech without having to call your grandkids

Table of Contents

2FA

2-Factor Authentication. Free Simple Protection

2-Factor Authentication (2FA) is a good way to protect your online accounts. Here’s what it is and how to use it.

Passwords are only the first step to good Security

We have passwords to many online accounts. Choosing one can be a hard task. That’s why so many people wind up using the same one over and over again, or just as bad, making a too weak password. Here are the top-10 most hacked passwords

The Basics of 2-Factor Authentication

Basically, 2FA involves something you know, and something you have.

something you know

The something you know is your password. Yes, I advocate the use of a password manager, and those that do so don’t know most of their passwords. But still, the password is assumed by the app or website to be something we know and type in to gain access.

something you have

The something you have is usually your phone. But there are other devices like a YubiKey that can be used. I’ll go over YubiKeys in a later article.

How 2FA uses your phone

text message

In this case, the app or website sends a text message to your phone with a code for you to type in. This is the least secure method, as bad guys are able to spoof a phone and have the text message routed to them. But in reality, unless someone belongs to a 3-letter government agency, I don’t see them being a target for that.

push notification

A push notification is where an app on your phone notifies you that an attempt to login has been made. It asks you to verify that it is really you. Both Facebook and Google use this method. This is more secure than text message.

Google does this by default.

authentication app

An authentication app is an app on your phone that generates a 6-digit code every 30 seconds. The website or app you are trying to log into asks you to check your authentication app for the code.

Examples of authenticator apps:

  • Google Authenticator (the one I use)
  • Authy
  • LastPass Authenticator
  • Microsoft Authenticator

…and many more. These are the 4 most popular.

Using an authentication app involves some setting up, and can be a challenge when you get a new phone. In a future post I will detail how to setup and use an authentication app.

YubiKey (or similar device)

A YubiKey is a small device that looks like a thumb drive. To use it, you insert it into a USB port. This is the “something you have.” In addition, some YubiKeys are NFC enabled (see here for a brief explanation on NFC) so they can be used with a smart phone by simply tapping. And some have fingerprint readers, so in case it is lost or stolen, no one else can use it. This adds another factor.

A Yubikey is the safest 2FA method. In this article I go over how even text, push notifications, and authentication apps can be bypassed.

when should you use 2FA?

You be the judge of that. I use it anywhere I would stand to lose something if someone got hold of my password.

  • Banks
  • Investment sites
  • Shopping sites
  • E-mail

E-mail is one of the most important areas to have 2FA setup. If someone had access to your email, they wouldn’t need your bank/investment/shopping password. They could request to change it, and when the email comes to you, they intercept it, change your password, then delete the email.

Now not only does someone have your password, you don’t. You could request a change, but they could simply change it back.

So use 2FA wherever you need it. It’s a bit of a hassle to use in a hurry, but it’s less of a hassle than having a bad guy steal your money.

As always, if you have a question about this or any other post, please leave a comment below, or you can email me at larry@thetechboomer.com.

Share This To Your Favorite Social Media

Facebook
Twitter
LinkedIn
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

The Tech Boomer On The Socials

Ask me any tech question on Facebook or Twitter,
or email me at
larry@thetechboomer.com

Subscribe to The Tech Boomer

And receive updates whenever a new article is published.

I Want To Learn About...
(Click Below)

The Tech Boomer is Powered by

hostinger logo

Click here for 75% off Hosting

All files backed up with

IDrive Cloud Backup

Sign up here and save 90% off of your first year

Hold On!
Subscribe to The Tech Boomer
and get notified whenever a new article
is published.
If you already have, thank you.