Spotlight on Why You Need Two-Factor Authentication

Two-step verification or two-factor authentication is growing more and more common, and this article talks about its evolution, and why you should incorporate it with all your accounts.

What do Bollywood, WordPress, and Game of Thrones all have in common? If the title didn’t give it away you wouldn’t have been able to guess it. That’s right, multi-step verification. Since recent fiascos/hacks involving Disney and Netflix have resulted in a loss of movie scripts, and even a full tv season before release time, many in the entertainment industry have stopped releasing paper scripts, and instead, require 2-step verification to access the information digitally.

Great news, but so what? You wouldn’t think that the movie industry would be mentioned on a cyber security blog, let alone the Indian movie industry. Regardless of the source, it’s a great segue into an introduction to multi-step verification, and how it can be very helpful in keeping secret information secure.

Two-step verification, also called two-factor authentication, means that there are two methods of determining the identity of anyone trying to access an account. For example, a password (something you know) is typed on your computer, but a code is also sent to your phone (something you have), providing two factors, or two steps to the login process, so it’s a lot harder to hack into than just guessing a password.

In 2016, WordPress advertised a two-factor identification product called Clef, where instead of a password, you used your smartphone with a special passkey, or a fingerprint scan, which then read an animated barcode, which was also projected onto your screen. If the two matched, you were logged in. It saved time since you didn’t need to type in a username and a password, you simply had to scan a picture with your finger on the button, and it was secure, since you needed to produce a specific smartphone with a fingerprint or unique code to unlock your site, rather than just a knowing a username and password.

Unfortunately, Clef is a cool tool that will be discontinued on June 6, 2017. However, two-step verification is a very common tool used by many businesses today. When you change a password, you receive an email with a link to confirm your action. When you sign in from a new device, a separate code is texted you to assure your identity. And we’ve all tried to remember the name of our first pet to answer a security question.

The point is, nowadays a password just isn’t enough. Thankfully, you can use two-step verification on most of your online accounts. Google, Apple, Dropbox, Evernote, Facebook, Slack, PayPal, Amazon, and others all have available two-factor authentication features. Check out the settings of your account, or watch this video to see a quick tutorial on a few of them here.

While Clef might be out of the picture, other apps are definitely available to do the same thing. Apps like Authy, Toopher, and Google Authenticator all provide options for both Apple and Android users. And whether or not your password is “password”, consider using two-step verification to better protect your accounts from cyber crime. Find other ways to protect yourself here.