Two-Factor Authentication – What’s It All About?

In today’s world of ever-increasing digital crimes, cyber-attacks, and Internet frauds, there is nothing more important than protecting your online accounts and identity. We have been using “Username” and “Password” as an integral part of computer security systems from the beginning, but they are no longer enough to thwart cybercriminals. To provide better security against cyber-attacks, a new form of authentication called “two-factor authentication” (2FA) is being used by several major tech players and banks, and many others are in the process of implementing it as well.

What is Two-Factor Authentication and How Does it Work?

Two-factor authentication adds an extra layer of security by validating a user with two or more of the three authentication factors (explained below):

1. Something You Know (Knowledge Factor): Knowledge factor as an authentication component has been in use for decades. This includes information that we know, such as username and password, ATM PIN, screen unlock pattern (Android), etc. However, this alone provides very poor security and can easily be guessed, phished or hacked by cybercriminals.

2. Something You Have (Possession Factor): If you have a cell phone or a separate piece of hardware, the device can generally generate another code right at the moment you’re about to log in. After you log in with your username and password, you have to supply this randomly generated code as well to be able to access your account.

3. Something You Are (Inherence Factor): This type of authentication has to do with something specific to you as a person. This could be something like a fingerprint scan, retina scan, palm geometry, voice recognition, facial recognition, etc. These types of authentication are called “biometric” and generally offer the highest level of security.

While a single form of authentication by itself may have flaws, when two of the above factors are combined together (in most cases, Knowledge Factor and Possession Factor) for validation against a computer system, it becomes a “two-factor authentication” and is much more difficult for Internet criminals to abuse.

Screenshot: Google's Two-Factor Authentication, Step 1
Screenshot: Google's Two-Factor Authentication, Step 2
Google and the Google logo are registered trademarks of Google Inc., used with permission.

The above screenshot is an example of how Google’s two-factor authentication works. When activated, Google sends a unique verification code to your registered mobile number. You must then enter the valid code in “Step 2” in order to successfully log in to your Google account. The core advantage of two-factor authentication is that even if an attacker obtains your login credentials, two-factor authentication would stop him/her from compromising your account, as it requires the attacker to also have physical access to your mobile phone.
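What a service has to do on its side for the "Step 2" code to actually add security, shown as an added example (not Google's code and not from the original article). The class name, the five-minute lifetime and the five-guess limit are assumptions chosen for illustration; sending the SMS itself is left to the caller.

```python
import hmac
import secrets
import time

CODE_TTL = 300     # assumed lifetime in seconds; the article gives none
MAX_ATTEMPTS = 5   # assumed guess limit per issued code


class VerificationCodes:
    """In-memory store of pending one-time codes, keyed by account name."""

    def __init__(self):
        self._pending = {}

    def issue(self, account, now=None):
        """Create a fresh six-digit code; the caller hands it to the SMS gateway."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10 ** 6):06d}"   # CSPRNG, not random.randint
        # Issuing again replaces any earlier code for the same account.
        self._pending[account] = {"code": code, "expires": now + CODE_TTL,
                                  "attempts": 0}
        return code

    def verify(self, account, submitted, now=None):
        """True only for the right code, before expiry, within the guess limit."""
        now = time.time() if now is None else now
        entry = self._pending.get(account)
        if entry is None:
            return False
        if now > entry["expires"] or entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[account]               # dead code: require a new one
            return False
        entry["attempts"] += 1
        ok = hmac.compare_digest(entry["code"].encode(), submitted.encode())
        if ok:
            del self._pending[account]               # single use
        return ok


if __name__ == "__main__":
    store = VerificationCodes()
    sent = store.issue("alice")                      # constructed account name
    print("correct code accepted:", store.verify("alice", sent))
    print("same code reused:", store.verify("alice", sent))
```

Without the guess limit and expiry, a six-digit code has only one million possibilities and could be tried exhaustively by someone who already has the password.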

Should You Enable Two-Factor Authentication?

The short answer is yes. Two-factor authentication is a great security feature and you should use it wherever possible. In fact, you’ve probably been using it unknowingly for many years. When you use an ATM to withdraw cash, you’re using two-factor authentication – ATM card (something you have) and the ATM PIN (something you know). Just like the above example, even if someone manages to steal your ATM PIN, they would never be able to withdraw any cash from your account without having physical access to your ATM card. By the same token, if you lose your ATM card, whoever finds it will not be able to withdraw any cash without knowing the PIN.

Two-factor authentication is not just limited to ATMs and banking websites. IT giants like Microsoft, Google, Apple, etc., are offering two-factor authentication as an optional security feature to their users.

How to Set Up Two-Factor Authentication

We have provided directions below on how to set up the two-factor authentication for your Google, Facebook, Microsoft and Twitter accounts:

Note: There are dozens of other popular online service providers who offer two-step authentication. If you want to enable the two-step authentication feature on accounts other than Google, Facebook, Microsoft and Twitter, please contact your service provider for specific instructions.

Setting Up Two-Factor Authentication for Your Google Account

1.    Log in to the Google Account Settings page and click the “Security” link located on the left-hand side of the screen.

2.    Scroll down to the “2-step verification” section and click “Settings”.

3.    Click the “Start setup” button.

4.    Type in your phone number, and select how you would like to receive your six-digit secret code (SMS/Voice Call). Click the “Send code” button to continue.

5.    Type in the verification code you just received on your phone and click the “Verify” button.

6.    If you trust the computer you are currently using to set up the 2-step verification and don’t want to be required to enter a security code each time you log in, then check the “Trust this computer” checkbox. Click “Next” to continue.

7.    Click the “Confirm” button to turn on 2-step verification.

Setting Up Two-Factor Authentication for Your Facebook Account

1.    Log in to your Facebook account and navigate to the “Account Settings” page.

2.    Click the “Security” link located on the left-hand side of the screen.

3.    Click “Edit” next to “Login approvals”.

4.    Check the “Require a security code to access my account from unknown browsers” checkbox, and click the “Save Changes” button.

5.    Click “Get Started” to begin the Login Approvals setup.

6.    Name the browser you are currently using and click the “Add Browser” button. You will not be asked to enter a security code each time you log in using a known browser.

7.    Type in the security code you received on your phone and click the “Confirm” button.

8.    Type in your phone number and click “Continue”.

9.    Type in the security code you received on your registered mobile number, and click the “Confirm” button.

10.    Click “Close” to finish Login Approvals setup. The next time you log in from an unrecognized browser, you’ll be asked to enter a security code (sent to your registered mobile number).

Setting Up Two-Factor Authentication for Your Microsoft Account

1.    Log in to your Microsoft account and click the “Security info” link located on the left-hand side of the screen.

2.    Click the “Set up two-factor verification” link to continue.

3.    Click “Next”.

4.    Select an email address from the dropdown and click “Next”.

5.    Type in the verification code sent to the email address you chose in the previous step. Click “Next” to continue.

6.    Click “Done”.

7.    The next time you log in to your Microsoft account, you’ll be asked to provide a security code. Select how you would like to receive the code (text/call/email), and click the “Next” button. Type in the security code you received (text/call/email) from Microsoft, and click the “Submit” button.

Note: If you trust the device you are currently using to sign in and do not want to be asked for a security code each time you log in, check the “I sign in frequently on this device. Don’t ask me for a code.” checkbox.

Setting Up Two-Factor Authentication for Your Twitter Account

1.    Log in to your Twitter account and navigate to the account “Settings” page.

2.    Click “Accounts” from the left navigation pane.

3.    Check the “Require a verification code when I sign in” checkbox.

4.    Click the “Okay, send me a message” button.

5.    If you receive a text message from Twitter on your registered mobile, click “Yes” to continue. Otherwise, click “No” to go back and review your mobile settings.

6.    Re-enter your account password and click the “Save Changes” button.

7.    The next time you log in to your Twitter account, you’ll be asked to enter a verification code (sent to your registered mobile number). Type in the code and click the “Submit” button.

If you have any questions related to two-factor authentication, feel free to share them with us on our Facebook Page, or simply leave a comment below.

Copyright © 2013 Support.com, Inc. All rights reserved. Support.com is a trademark or registered trademark of Support.com, Inc. in the United States and other countries. All other trademarks are the property of their respective owners.