What is two-factor authentication?

Two factor authentication

Two-factor authentication, or 2FA, as it is more commonly known, is an extra layer of security used to prevent anyone else from logging into your account.

Traditionally, a secure log in includes a username or email address, and a password. The more complex the password, the more secure the login.

But, it isn’t as clear cut as that.

As cybercrime gets more sophisticated, companies are finding that their traditional security systems are no match for modern threats and attacks on account details. And now, a username and password can easily be hacked and your account accessed by anyone around the world.

Password complexity

Often it is simple human error that leaves us exposed. We require a password for everything we access online – whether it be a food delivery to accessing online banking.

Passwords are in place to help protect our identities and personal information. Some people use the same password for everything, while others try to think up alternatives for each account they use. The most common passwords are pets, children, memorable dates, and simple sequences of 12345 or qwerty.

Computers can hack ‘qwerty‘ as your password in less than one second. A common dog name ‘buster123‘, would take 9 hours and 56 minutes to hack, whereas a random string for example ‘3cEr8@qv1p^S‘ would take 5,389,762 years!

You can find out the strength of your password on the how secure is your password site.

The purpose of 2FA secures against both weak and strong passwords. If someone has managed to get hold of your login information, they would still need to pass through the authorisation barrier before being allowed to gain access.

How does 2FA work

2FA works when the correct username and password are inputted into an account. It then passes you through to the next level of security; the second factor.  This extra security measure requires the user to verify their identity by using one of three main methods:

1) SMS/text message 2FA

This is when a randomized code is sent as a text message to the authorised mobile phone on the account.

When the account is first set up, a mobile number is often required. Every login from that point onwards is then authorised through the same phone number.

Issues can arise with this type of 2FA if you change your mobile number, so it is always something to be aware of and change the 2FA method if you’re likely to be changing your contact number.

2) Authenticator App

Downloading an authenticator app means it will always be linked to your Google or Apple store account, therefore you can change mobile number and device and still gain the same access.

This form of 2FA pushes a notification from the app when the correct login information is used, it then works in one of two ways; by simply accepting the login on the mobile app, or by inputting a secret code to gain access.

3) Push notifications

Similar to the authenticator app, some mobile devices linked to your account will automatically send push notifications of a new log in and allow you to accept, reject, or enter a secret code. This is quite common with Google logins and Google devices, especially if you’re logged into the same Google account on both.

As with all of the 2FA options, if someone you do not know accesses your account, you have the option to either ignore the SMS code or deny their login request. This adds that an additional layer of security in case anyone may have unlawfully accessed your account username and password. At this point, you can also change your password so further attempts are blocked and essentially sending the hackers back to square one with trying to gain your login information again.


If you would like more information on 2FA or would like one of our digital security experts to help you set this up, drop us a line – office@laser.red