2 Factor Authentication (2FA)
2 Factor Authentication (or 2FA for short) describes the process of logging into an online service, such as email, using two factors instead of just one (the humble password).
The second factor is usually a randomly generated 6-digit code. It is delivered to you by text message or using an app on your phone.
This measure is particularly important for protecting email accounts and other critical services where a compromise is likely to result in costly fraud, such as online banking.
Take a look at our short video in which our MD James explains the what, why and how about 2FA.
Read on to find out more about how rolling out 2FA can protect your business from fraud and identity theft.
More About 2FA
Getting Started
You can get started with 2FA by making a list of all internet-based services your business uses. Examples include:
- Your email service
- Online banking
- File sharing services such as Dropbox, OneDrive or Google Drive
- Google Apps / G-Suite
- Accounting software such as Xero or QuickBooks Online
- Any online CRM or ERP systems you use for internal processes
- Your Amazon account and other online suppliers
- Online backup services
Each service will have its own implementation of 2FA. This means you’ll need to search on the respective websites to see if it’s possible to enable 2FA in each case.
Get An Authenticator App
The easiest way to generate 2FA codes (often called one-time passcodes or OTPs) is with an app on your smartphone.
The two big providers Microsoft and Google both offer an app across various App Stores – we have linked to the Apple App Store.
It may be preferable, however, to use a password manager such as 1Password or LastPass – modern versions of these tools will not only remember your login details but also act as your one-time password generator for 2FA. Read more about using password managers in our related blog post.
Once you have an authenticator app, you’re ready to set up 2FA for the services which support it.
Set Up 2FA On Your Services
As explained, 2FA setup will vary from provider to provider but the basic process is usually the same:
- Locate the security settings for your account
- Look for a button or link to set up 2FA, often alongside the ‘change password’ options
- Follow the steps to set up 2FA
  - Usually this will start by confirming you have a phone number and/or backup email address configured
  - You will then be prompted to enter a special one-time code, or to scan a corresponding QR code, using your Authenticator App
    - This tells the Authenticator App how to correctly generate passcodes which are valid for this service
  - You will be asked to verify the setup has worked by entering the first code that was generated by your Authenticator App after linking it
- On subsequent logins to this service, you will now need to provide your username (or email), your password AND your one-time passcode from your Authenticator App
You’re now protected from anybody gaining access to this account without your knowledge. This is because only your device knows how to generate a valid one-time passcode for logging in.
If you need some help deploying 2FA, particularly if you are a business with a need to ensure correct compliance and a seamless rollout of 2FA across the organisation, please get in touch and we’ll be pleased to help out.