Two-Factor Authentication (also known as multi-factor authentication) is used to add an extra layer of security to applications and websites you log into. It requires a second level of authentication which is usually performed using a smartphone or hardware key (such as a Yubikey) as well as the original password. The account owner will have to verify if it’s them, each time a login is attempted. 

Two-Factor Authentication can be used in different forms. One of the most common method used is getting a code via SMS. When a user is trying to access an account, if SMS 2fa is enabled, it will send a code to the phone number provided, which should be set up as the owner of the account. The user then types that code into the site and they can login. 

Another method is with an authentication app. Users can download an authentication app on their phone, for example Microsoft or LastPass. When attempting to sign in, they will have to enter a one time code given to them from the authenticator app. In some applications, you can select to receive a push notification which can be accepted on the device instead of typing in a code.

Because Two-Factor Authentication adds that extra layer of security, it makes it harder for someone who is trying to access your account. It is recorded that over 50% of people online use the same password more than once for different accounts, this makes it even easier for attackers to guess and steal passwords and if a password is stolen. Two-Factor Authentication acts as a final barrier to stop your account getting breached.

We highly advise everyone to enable Two-Factor Authentication when possible if you haven’t already. If you are unsure on how to enable Two-Factor Authentication, feel free to contact us at Reformed IT. You can also Subscribe to the Reformed IT YouTube channel, where we will be uploading videos about 2fa and many other useful ‘how to’ videos and tips.