Online security: Two-factor Authentication | Lexika
/

Online security: Two-factor Authentication

Simona Pralovska Ciferník19.05.2021 For Customers Reading time: 3 min.
two-factor authentication

Nowadays, we store quite a lot of sensitive information in different online accounts, websites, apps, and services. Password protection – even with a secure password – isn’t always sufficient.

So how can we protect personal or company data in the most reliable way? The answer is by using two-factor authentication.

What is two-factor authentication?

Two-factor authentication (also known as 2FA) adds another layer of security to a common password login. This means that even if a hacker steals your username and password, they won’t be able to login to the account without an additional code.

What types of 2FA exist?

Two-factor authentication is supported by many services, however it must be enabled manually. You can choose from many options:

  • mobile app
  • one-time code
  • USB drive
  • smartphone prompt
  • and text message

Let’s look closer at how the different types of two-factor authentication work.

Mobile app

One 2FA method is using a smartphone app, like Duo MobileGoogle Authenticator, or Microsoft Authenticator. You can download the app to your smartphone and link it with the desired accounts. The app automatically generates a time-sensitive access code (usually for a few seconds) that changes once it expires. If an attacker steals your password, they will still need physical access to your mobile device to get into your accounts.

You can also link the app with multiple accounts from different services (including e-mail, cloud storage, and social media).

One-time code

The service (e.g., Gmail) generates a certain number of codes upon request to be used as an additional login method later. The number of these codes is limited and each can only be used once. Therefore, this method works better as a backup solution.

Ideally, these codes shouldn’t be stored on the computer. For example, you can print them out. However, make sure not to lose them or let them be stolen.

USB drive

A special, secure USB drive is considered to be one of the strongest forms of protection today. The drive must be activated for each account (in 2FA settings) and subsequently plugged into the computer for each login attempt. The USB drive acts solely as an authenticator — it does not store any data. If lost or stolen, it would be impossible to discover which account it belongs to.

Another alternative could be a built-in device key (e.g., smartphone or tablet). In this case, for proper functionality, Bluetooth connectivity is required.

Smartphone prompt

This solution doesn’t rely on entering codes. Instead, when logging into a service via a new browser or device, your smartphone receives a prompt that you must approve.

Similar to the mobile app, an attacker would need physical access to your mobile device to access your accounts.

Text message

When logging into an account, you would receive a text message with a generated code that you then enter after your password. Numerous services routinely employ this method.

However, this is no longer considered to be the most secure solution. But why? As it turns out, a phone number can be transferred to a different SIM card, then its text message communications, location, or calls can all be monitored remotely.

TIP: Beware of scams

Two-factor authentication makes the jobs of hackers more difficult. So it’s no wonder they’re trying to foil even this security measure. Now they have begun to use the so-called social engineering methods to manipulate people into giving up personal information.

The attack can go something like this: the attacker requests a password reset when logging into your e-mail account. The e-mail account sends you, as an owner of the mailbox, an authentication code in the form of a text message. Simultaneously, the attacker sends you a message informing you of suspicious activity on your account, and requests the authentication code. If you send the code, the attacker can change your password and gain access to your mailbox.

Should you receive a similar message, and you did not request the code yourself, be very careful. You should also keep in mind that if requested, the code is entered directly in the app or the website, and you should not send it to anyone nor save it to your phone.

Do you use two-factor authentication? Which method works best for you?

The next part of our online security series will be dedicated to antivirus software. Follow our blog or Facebook page to find out more. ?

Simona Pralovska
Simona Pralovska
Vendor manager

I began my journey at LEXIKA during my university days in 2017. LEXIKA, the people that form part of it, and the translation industry have grown on me since then. One of the day-to-day challenges I have to face is finding new talented translators. Furthermore, I take care of developing good and open relationships with our long-standing translators who make it possible for us to do what we love. Over time, I was put in charge of marketing activities and internal HR. I don’t have to worry about my job turning into a daily grind and I learn something new every day. ?

Read more

Do you like our blog?
Share it!

Leave a Reply

Your email address will not be published. Required fields are marked *