How to Enable 2FA - And How It Will Benefit You
What Is 2FA?
Two-factor authentication (2FA), also referred to as dual-factor authentication or two-step verification, is a security mechanism in which the user must provide two authentication factors in order to verify themselves. Having two different authentication factors ensures that the user’s credentials, as well as the resources they can access with them, are better protected.
2FA offers higher levels of security than methods depending on single-factor authentication, where the user usually only has to type in a password. With 2FA, users must provide not only a password but also a second factor, which can be a biometric factor, security token or something else.
Do not mistake using two factors that belong to the same category for 2FA. For instance, typing in a password and answering a security question still counts as single-factor authentication, since both rely on knowledge, which is one and the same authentication factor.
Why Is 2FA Important For Staying Safe Online?
Using 2FA adds a layer of security to your authentication process and makes it more difficult for hackers to get hold of your device or account. Even if hackers find out your password, they still won’t be able to break into your account without the second factor.
Lately, online service providers have been using 2FA more and more often in order to protect the credentials of their users from hackers.
Since the beginning of the digital revolution, passwords have been the main method of authentication. Unfortunately, they are far from being unfailing. In fact, 90% of them can be deciphered in less than 6 hours, and more than half the people use the exact same password in all their accounts.
The passwords’ vulnerability is the principal reason why you should use 2FA.
A password is supposed to be something that only you know and that is hard for others to guess. Though they are better than nothing, passwords are not foolproof.
One of the reasons why they’re not foolproof is that people have lousy memories. Reports have shown that most stolen passwords are incredibly simple – something like ‘12345’ or ‘password’. People like using passwords like these because they’re easy to remember, but they’re also very easy for hackers to crack.
Another reason is that people have too many accounts. With more accounts come more passwords, which leads to users reusing exactly the same password. For hackers, this trend of password recycling is perfect, as it means they can unlock various other accounts once they figure out the username and password for one account.
The final reason is security fatigue. While some users try to make more complex passwords to make it more difficult for attackers, many are giving up on it and using weak passwords due to being discouraged by numerous recent data breaches.
Having just an ID and password to log in to certain websites is not exactly the most secure option you can go for. The problem with password-based authentication is that it depends on users creating and remembering strong passwords. Passwords can fall prey to hackers, as attackers are known to be able to breach security systems that are based on passwords only.
If you have trouble remembering your passwords or setting strong passwords, one of the best solutions is to invest in a password manager. Due to their ease of implementation and their low cost, passwords are still the most common method of single-factor authentication.
With 2FA, which adds on a second factor to your authentication, your accounts will remain well protected and you won’t need to worry about data breaches affecting you.
Why Should You Enable 2FA?
Though the technology of two-factor authentication was conceived in 1984, it has become more and more important recently, as people’s personal and business lives are at risk from theft and hacking. Nowadays, loss of access may have terrible consequences.
Companies have been trying to improve user authentication security for years. For instance, they’ve been requiring strong passwords, making users change their passwords, using salted hashing algorithms that hide the actual password, etc. Unfortunately, since users still often employ the same password over and over again, password-only systems are vulnerable, making phishing very common.
2FA gives the user peace of mind, since it makes sure that the user’s account will not be accessed even if the password does get compromised. The only way to access it would be to also know which method is used for the second factor and to have access to it.
Recently, there’s been a massive increase in websites failing to keep their users’ data safe, since cybercrime is getting more and more advanced and old security systems aren’t able to protect themselves against modern threats.
Therefore, tighter security must be provided by websites and apps, but users should also start securing themselves with an additional factor besides just a password. Two-factor authentication provides this extra security that’s been becoming more necessary lately.
With 2FA, the user first enters their ID and password, after which they are required to offer a second piece of information. These are the categories that the second factor can come from:
- Something you know: this can be a password, an answer to a question, a personal identification number (PIN), or a keystroke pattern.
- Something you have: this can refer to something that’s in the user’s possession, such as a smartphone, credit card, or a hardware token.
- Something you are: this can include voiceprints, iris scans, or the biometric pattern of a fingerprint.
When a user correctly applies 2FA, the website or app is more confident of his or her identity.
How To Enable 2FA?
Many websites and platforms have provisions for 2FA nowadays. Once you activate it, next time you log into the service it is going to be ready for use. Enabling it for emails is quite important as well since the majority of your accounts are accessible through email.
To find out how to enable 2FA for each particular site or app, browse the site’s FAQ or look within the ‘Settings’ tab. You will probably find the option to enable 2FA inside the ‘privacy’, ‘security’ or ‘account’ tabs.
To make it easier for you, below is a list of major platforms and explanations on how to enable 2FA on them.
You can turn on Google 2FA across all your Google accounts (Gmail, YouTube, etc.). To do so, go to your Google Account and click Security, which is found on the left. Click 2-Step Verification in the ‘Signing in to Google’ panel, then click Get started and follow the steps.
The other way you can do it is to go to the 2FA landing page. Click Get Started and log in. You’ll be asked to enter a phone number, after which you can choose if you want verification codes sent by texts or through phone calls.
2FA is offered to users of OS X El Capitan or later, or iOS 9. For iOS, the enabling process varies slightly depending on the iOS version. If you have iOS 10.3 or later, 2FA can be enabled by going to your Settings, then [Your Name], then Password & Security. Once you turn on 2FA, you will receive a text containing a code every time you log in.
If you’ve got iOS 10.2 or earlier, turning on 2FA can be done by going to iCloud, then Apple ID, then Password & Security.
For macOS, start by clicking the Apple icon which is found in the upper left corner, and click System Preferences. Go to iCloud, then Account Details, then Security. Inside the Security tab, you’ll find the 2FA option.
After logging in, go to the Security settings menu. Find the ‘Two-step verification’ section then run the setup link. Follow the directions to enable 2FA.
In order to enable 2FA on your mobile device’s Instagram app, go to your profile and click on the menu in the upper right corner. Go to Settings, then Privacy, then Security. Within the Security section, you’ll find two-factor authentication. You can opt for verification that’s text-based or recovery codes that are pre-generated by Instagram.
You can turn on 2FA through the webpage as well. Go to your profile page, where you’ll find a gear icon next to your name, to the right of the Edit Profile button. The settings menu will open up, after which you need to click on Privacy, then Security, just like in the app.
To activate 2FA on the Facebook mobile app, click the hamburger menu icon which is in the upper right corner. Scroll down to Settings & Privacy. Click Settings, then Security and Login, after which you will find the option for turning on 2FA in Setting Up Extra Security.
As the second factor, you can choose text messages, recovery codes or an authentication app.
To enable 2FA on the web, find the arrow located next to the circle that has a question mark (the Help icon) and select it. Scroll down to the Settings menu, where you will see Security and Login. Click on it to find the section called Two-Factor Authentication.
In WhatsApp, find the Settings menu. Go to Account, then Two-step verification, then Enable. You will be able to add a six-digit PIN which will be used as verification, as well as add an email address (in case you ever forget the PIN).
Open the main camera screen and go to your profile. Click on the gear icon to go to your settings. Next, select Login Verification. You can choose if you want verification through texts or an authenticator app.
2FA on Twitter can be enabled by clicking on your profile avatar and going to Settings and privacy. Then go to Account, which will be on the left side. Go to Security and then ‘Set up login verification’. The process is the same for the browser version and the mobile app.
According to Wired,
“Twitter was relatively slow to offer its users two-factor authentication, and even when it did, it required you to hand over your phone number. Security experts have warned for literally years about the dangers of linking 2FA with SMS messaging, chiefly because it exposes you to so-called SIM swap attacks, where hackers divert your phone number to a different device and use it to take over your accounts. Finally, Twitter has relented, allowing you to get started with two-factor authentication straight from an authenticator app or Yubikey, no phone number required.”
Dropbox: To activate 2FA on Dropbox, start from the homepage and click on your profile avatar. Go to Settings, then Security. There you will find the Two-Step Verification section. You can opt for receiving 2FA through an authenticator app or through text messages.
PayPal: In order to enable 2FA, start from the Summary page. Click on the gear icon and go to the Security tab. Find the ‘2-step verification’ section and select ‘Set Up’. You will be able to choose between using an authenticator app or having a code sent to you through a text message.
Types Of 2FA
A user can be authenticated in several different ways. While most methods depend on knowledge factors, such as a password, 2FA methods add in a possession or inherence factor.
The following are types of authentication factors:
- Knowledge factor: something that the user knows (PIN, password, etc.)
- Possession factor: something that the user has (security token, smartphone, ID card)
- Inherence factor, also called biometric factor: something that is inherent in the user. This can refer to fingerprint, facial or voice recognition.
- Location factor: this factor can be strengthened by limiting authentication to certain devices found in some locations.
- Time factor: this factor restricts authentication to a time frame during which login is allowed.
Here is a list of options you can choose for your second factor. Some are stronger than others, but they all provide better protection than what just a single password would provide.
Hardware tokens might be the oldest type of 2FA. They are small devices that generate a new numeric code every thirty seconds. When accessing an account, the user must look at the device and type the 2FA code displayed on the token into the website. There are versions of tokens that can be plugged into the computer’s USB port and automatically transfer the code.
The biggest downside is their costliness – distributing them to businesses is quite pricey. Also, they are easily misplaced or lost due to their size. Lastly, they’re not completely safe and there is the possibility of them being hacked.
Software tokens are the most popular type of 2FA. They use a software-generated, one-time passcode that is time-based.
Free 2FA apps can be downloaded and installed on smartphones or desktops and can be used with any site that allows 2FA. When signing in, the user must enter their username and password, after which they type in the code that appears in the app. Since the code is generated and shown on the same device, it is never sent to the user, which removes the chance of hackers intercepting it on the way.
App-based 2FA is available for desktop platforms, wearables, and mobile phones, and can even work offline.
Voice-based 2FA and SMS Text-Message
SMS-based 2FA is tied to a person’s phone. After the user enters a username and password, the site sends them a text message containing a one-time passcode. As with the hardware token method, the user then has to enter the code into the app to be allowed access.
The voice-based 2FA involves automatically dialing the user and delivering the code verbally. It’s not very common but is still used in some countries, especially those in which smartphones are expensive.
However, this method of 2FA might not be safe enough for websites storing your personal data, such as banks, utility companies or email accounts, since SMS is considered the least secure method of authenticating users.
Push notifications can be sent to users by websites and apps during an authentication attempt. When the device owner receives the notification, they can view it and decide whether they will approve or deny the access. This authentication is passwordless as there are no codes to be entered.
Since there’s a direct, secure link between the 2FA service, the retailer and the user’s device, any opportunity for attacks, unauthorized access or phishing is eliminated. The device must be connected to the internet for this form of 2FA to work, but it is certainly a very user-friendly and safe kind of security.
In biometric 2FA, the user is treated as the token. For instance, the user’s identity can be verified via their fingerprints, facial recognition, and retina patterns. Recently, vocal prints and typing patterns have also been researched.
The Guardian explains what users living in mobile blackspots can do when it comes to 2FA:
“For people like you who don’t get a decent mobile service at home (or don’t own a mobile), you can ask Google or the email provider to call your landline instead. You can typically add two mobile and landline numbers to the two-step process. A landline is arguably more secure.
Alternatively, use a smartphone-based app which automatically generates a one-time passcode using an algorithm. The code changes every 30 seconds. Crucially, you don’t need a mobile phone signal or to be online to receive the code. The Guardian’s tech gurus recommend using Google Authenticator.
One last thing to consider is upgrading your mobile to 4G. Living where you do, you should be able to get a mobile service. Buying a 4G phone could improve your service and mean you can make and receive calls at home.”
Nowadays, enabling 2FA on your device and accounts you’re using is extremely important, especially when it comes to accounts that have access to your personal information, such as bank info. With cybercrime becoming more advanced, hackers are easily able to break into accounts being protected by just passwords, especially if the passwords are simple and have been recycled for use on several other accounts.
Activating 2FA will add on an extra layer of security and keep your accounts well protected by ensuring that your account isn’t accessed even in the case of your password being compromised.
Enabling it varies slightly across different platforms, but it can usually be done by going to the Privacy or Security tab and looking for ‘two-step verification’ or ‘two-factor authentication’. Since there are different types of 2FA, you will be able to choose the one you prefer, whether it’s using a hardware token, receiving codes through text messages, scanning your face or fingerprint, and much more.
Keep in mind that even when you’ve got 2FA activated, it’s crucial to use usernames that are hard to guess and create strong passwords in order to have maximum security.