Two Factor Authentication

2FA Securing your login | Tech Tips Article by PcCG

Two-Factor Authentication (2FA) is a method to secure your login's on various sites even if someone is able to obtain your password.

Why should you use 2FA Apps? See the video below (Update: now recommend Authy - below shows setup for Google Authenticator. Authy setup is very similar but has more features and backing up options).

The way it works conceptually is you log into a site (which you've setup 2FA on). Then you are prompted to enter a 2FA code usually obtained from your phone. This can be via SMS, Google Authenticator or Authy. You enter that secondary code (one which only works for a short period of time), then are allowed onto the site. 

As you've probably gathered, if someone has just your password, but not your phone (which hopefully is locked!) - they still won't be able to access the site in question.

Not all sites support 2FA, however most the big ones do. We'll run through the steps for facebook. The process is the same for other sites, provided you can find where to enable 2FA login.

I prefer to use the Google Authenticator app. We prefer to use Authy. You can get that from the playstore or appstore on your Android or iPhone. Once installed it should look something like this (of course without any sites setup yet I.E. no big blue numbers):

 

Now that we've got the app, we'll go to facebook login security settings and find this:

We click "Get Started" and then we are asked if we want to use Text Messaging or an Authentication App. I'm going to choose the App as it's more secure than SMS/Text. This is the result of choosing the app method:

What do we do with this? Simple! We go back to our phone and click the "+" sign in the google Authenticator app. Our camera will open and we simply point it at the QR Code. IMPORTANT: Save the code (in this case the EZZ 5R3E etc..) in a safe place on your computer. The reason we save this code is in-case our phone gets lost or damaged. If you lose or damage your phone, you won't be able to log into sites that require 2FA until you restore the app with the codes on your new phone.

After you've scanned the code with your phone, you'll notice you now have those big blue numbers that change frequently. This is good!

We go back to facebook and click "Next" and are then prompted to enter the code we see in our Google Authenticator app. This step is to ensure it's setup properly. Once you've entered that ever-changing code you are all set. You now have your first 2FA enabled login!

From this point forward when you log into facebook, you'll need to grab your phone and use the app to verify your login info with the changing code in Google Authenticator. 

I recommend enabling this feature on social networking sites, financial sites and email/communication sites (if they support it). 

You can use the SMS/Text method if you prefer, but there are technical reasons that it's considered less-secure (but still much better than just a password alone). Other apps such as Authy work in very similar fashion - so you don't have to use Google Authenticator if you don't want to.

I can tell you this has helped a couple of times for me personally. One of my trading financial accounts had an attempted login with the correct password. However they couldn't get in because I had 2FA setup, as well as one of my Email Accounts. 

Congrats! You are now very unlikely to have your accounts hacked! Make sure again that you saved the code somewhere safe so when you get a new phone - you can re-enter the keys to log into your sites.