What do your online banking website, your email account, and Facebook all have in common?
They all require you to log in. You’re prompted to enter your username and password to gain access.
As cybercriminals desperately seek to steal your personal information, they’ve gotten really good at cracking usernames and passwords.
Unfortunately, this basic level of security is no longer effective on its own to prevent others from accessing your personal online accounts. This leaves you at serious risk for identity theft, fraud, and other scams.
In today’s column, I would like to briefly show you a foolproof way to keep hackers from breaking into your online accounts – even if they know your password.
2 is the magic number
Two-factor authentication is an advanced method of website security. It forces someone trying to gain access to a website to prove they have the right to enter.
Two-factor authentication requires two different forms of identification, both of which must be correct, to successfully be allowed entry.
Compare it to completing a transaction at the license branch. You’re often required to provide two documents to prove your identity – such as a birth certificate proving you are who you say you are and a utility bill proving your mailing address.
What you know & what you have
Tech expert Leo Notenboom describes two-factor authentication like this:
“Authentication has almost always been in the form of something you know – for example, a password. … Two-factor authentication adds something you have to the requirements to prove you are you. … You must possess something specific that is completely unique to you and only you.”
The Google Authenticator app makes setting up two-factor authentication extremely easy.
1. Install the app on your smartphone.
2. Enable two-factor authentication on the website you wish to secure, such as Facebook or your online bank account.
3. Associate the Google Authenticator app with your account by either typing in a code or scanning a QR image.
Once you complete this process, the Google Authenticator app will begin displaying a random six-digit number every 30 seconds. These numbers are completely unique to your account and your cell phone.
Now when you (or anyone) attempts to log in to that particular website, it will prompt for the username/password AND the random number displayed in the Google Authenticator app on your phone at that time to be entered.
Without both correct pieces of information, access will be denied.
You can also use simple text messaging to set up two-factor authentication, if you don’t have a smartphone or don’t wish to use Google Authenticator.
Most websites offer you the option to configure your cell phone number as a verification method.
When you (or anyone) attempts to log in, a text message with a random code is sent to your cell phone. You enter that code, along with your password, to prove you’re authorized to access the site.
Securing your important online accounts with more than just a username and password is critical. Security breaches happen every day, even with “secure” websites.
Two-factor authentication provides the best way to keep unwanted intruders out of your personal accounts.
If you’d like more information about or assistance with setting up your accounts with two-factor authentication, feel free to call my office at (812) 386-8919 or email me at firstname.lastname@example.org.