
Embracing 2-Factor (2FA) Authentication

 

2-Factor Authentication (2FA) is becoming a prevalent and easy-to-use technology for securing your most precious online belongings. As the name suggests, 2FA requires 2 methods of login to access your online resources. In the case of most online websites, this usually means a combination of:

– A username and password

Plus

– A random, numerical authentication code sent to your phone or email, or synced with a smartphone app.

Without both of these, access will not be granted.

Usernames and Passwords

We are all familiar with usernames and passwords. This has been the de facto standard authentication mechanism since, well, probably forever. But this method alone has a variety of security-related problems, including:

– Usernames and passwords can be shared, and thus distributed without the original owner's consent.

– Usernames and passwords can be hacked. Unauthorized users who access secured resources can block authorized users, and those resources can even be viewed indefinitely by prying eyes so long as the password does not change.

– Usernames and passwords provide authorization to secure resources, but do not prove that the person accessing these resources is the correct person – just that this person happens to have the correct username and password.

Where 2-Factor Authentication Fits In

What if, whenever a login attempt was made to one of your secure resources, a text message was sent to your phone with an additional, random code which would also need to be entered? This now ties a username and password to an actual device owned by the account holder. If a hacker has the correct username and password, but not access to the physical device, their attempt to access this secured resource would be denied.

Two common and widely supported smartphone apps that manage 2-Factor Authentication are Google Authenticator and Authy. With these apps, instead of the website sending a text message, the user opens one of these apps to gain access to the randomly generated code. An example of this would be a typical 2FA-enabled Coinbase login:

1. Enter username and password at coinbase.com.

2. Open the Google Authenticator or Authy app and choose the Coinbase entry.

3. Enter the numerical code from the app at the Coinbase login screen (this code changes every 20 seconds).

4. Gain access to your Coinbase account.

As you can see, without the physical device, access to Coinbase would not be available.

Many financial institutions, email platforms (Gmail included), social media sites, and other secure web services offer 2-Factor Authentication. It is often an optional component, disabled by default, and can be configured in your user profile settings for said service.

CoinNEO’s Recommendation

CoinNEO recommends the Authy app for 2FA. While Google Authenticator works just fine, Authy seems to provide better backup and restore functions in case your phone is lost or stolen.

CoinNEO also recommends enabling 2-Factor Authentication for any website you use where personal information, especially financial information, is stored. If your financial institution’s website does not currently support this technology, send them an email expressing your interest in seeing this as a feature in the future.

Here is a video Authy provides that describes 2-Factor Authentication: