“Even if it’s cumbersome, you have to do it” Types of two-factor authentication and how to use them to enhance account security

A typical method of two-factor authentication (2FA) or multi-factor authentication (MFA) is to enter a secondary numeric code along with your regular password on any device you have never logged in to in the past. These extra codes are usually sent to your phone, so someone who steals your password has physical access to your phone and can’t log into your account unless you know how to unlock it.
ⓒ Getty Images Bank

The hassle of going through additional authentication on top of your normal password is well worth it from a security standpoint, and more and more companies are starting to require 2FA. Google and Amazon’s Ring have made 2FA mandatory from 2021, and 2FA is enabled by default even when logging in with an Apple ID. These are all positive changes.

However, most 2FA is a method of texting a verification code to your phone. While safer than doing nothing, it may be vulnerable to SIM hijacking attacks. Therefore, it is necessary to take a more proactive stance in order to strengthen security through 2FA. It’s also a good idea to have a backup 2FA in case your phone is lost or stolen. Some 2FA options worth considering include:

Use an authenticator app

Most of the major online services don’t text 2FA codes, but generate them with separate authenticator apps. Scan a one-time QR code with an authenticator app, sync it with an online service, and the code appears. Google and Microsoft provide their own authenticator apps, but I’m using a free app. Authyprefer It can be installed on multiple devices at the same time, so I installed Ossi on iPhone, Android phone, iPad, Windows desktop, Windows laptop, and Mac mini.
ⓒ Foundry

This convenience comes at a price. The ability to install Ossi on new devices can be enabled/disabled by the user. To access this feature, you’ll need physical access to the device where Ossi is already installed, and you’ll need to enter your regular password. After this process, when you install Ossi on a new device, you will have to enter the self-verification code sent by text again.

The easiest way to enable 2FA on multiple devices, including computers, is to use an authenticator app like Ossi, but users who easily forget passwords aren’t advised to rely on Ossi, as there’s no way to recover passwords from Ossi itself.

Email or app-based 2FA

Have you ever noticed the “Are you trying to log in?” message in the Google app on your phone when logging into Gmail on a new device? This is also a typical form of 2FA. Authenticate logins from other devices using the device you previously logged in with. Some services also send an additional verification code via email when you log in to a new device.
ⓒ Foundry

As long as your device and email account are secure, this is a safer method than receiving a code via text message, and in most cases it can be used with an authenticator app like Ossi. This will allow you to log in using a variety of methods, such as an authenticator app or email, when 2FA is enabled.

Printed code or physical security key

ⓒ Foundry

Some services offer backup codes that you can print and use to log into your account at any time, or allow you to use a USB security key for 2FA. When I logged in with my Gmail, Microsoft, Twitter, and Stripe accounts last year, YubicoSecurity authentication device manufactured by Yubikey When set to use, I often use it instead. Online services that support YubiKey herecan be checked in

Sign in with your Google or Apple account

It’s also a good idea to use your Google or Apple account when signing up on other sites, if available. You don’t have to create another password, and the same level of security as your Google account is available on the site.

Of course, not all apps and online services offer all of the options listed so far. Some may not support physical security keys or email-based authentication and may not provide a printed code. There are still places that only offer text message-based 2FA or don’t support 2FA at all.

However, disabling 2FA just because it doesn’t provide the means you want is a bad choice. You should choose the right 2FA methods offered by each service, starting with accounts that store important data. If your options are limited or unavailable, you should create strong passwords.
[email protected]

Source: ITWorld Korea by www.itworld.co.kr.

*The article has been translated based on the content of ITWorld Korea by www.itworld.co.kr. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!