This post originally appeared here on August 28, 2014.
It seems that hardly a day goes by without word of another high-profile company being hit with a data breach. If someone gains access to your password, they can do anything that you can do inside your account. Anything you can see or do when you log in, they can see or do from their own computer.
However, there is a way that you can keep people from accessing your account, even if they have your current password. It is called two-step or two-factor authentication. This requires two forms of identification before access to your account is granted. My first introduction to two-factor authentication happened over a decade ago. My dad would connect to the network at work with not only a password, but also a random code generated by a token he carried on his keychain. Anyone who got his password would also have to steal his token in order to access the network under his name.
Of course, a token for your Gmail or Yahoo email account would be impractical. It becomes even more impractical when you consider that you would also need one for your Facebook account, your Walmart account, etc. Imagine having a token for each online account you set up: you would never be able to find the one you wanted when you need it.
However, many modern accounts can activate some form of two-factor authentication. For example, when I log into my online banking account from a computer, I am required to have an access code emailed or texted to my phone. After I successfully enter a code, a cookie is placed on the computer that notifies the site that this computer is approved, and I no longer have to enter it until I clear the cookies or log in on a different computer.
Unfortunately, two-factor authentication is rarely required or even presented as an option when signing up for an account. As mentioned earlier, my bank requires it when you log in for the first time on a particular computer, but I do not recall ever being offered two-factor authentication for my Gmail or Yahoo emails, even though Gmail, Yahoo, and Microsoft emails (Hotmail/Live.com) all have this as an option. Facebook, Twitter, PayPal, and Amazon are among other companies that also offer two-factor authentication.
If you are unsure if a site offers two-factor authentication, try searching the site's help pages or contacting customer support. If it is offered, I recommend that you enable it wherever you can. It is certainly not foolproof, but it is an additional step to help keep unwanted guests out of your accounts.
No comments:
Post a Comment