What is Two-Factor Authentication and Should I Use it?

June 1, 2019


Just as you lock doors and windows to protect valuables, safeguarding your digital data is an important deterrent to criminals.

By now, you’re probably aware you shouldn’t reuse passwords for access to more than one website, app or software interface. You’ve also likely graduated from using “password123” to access all of your online accounts. So, what’s the next layer of security you should be thinking about?

You may be hearing more about something called two-factor authentication, or “2FA,” particularly from organizations like financial institutions that manage sensitive data. Just as it sounds, 2FA requires a user to enter more than just a password to gain access to the associated account. The idea is to verify that the person attempting to access the account is who they say they are.

A password is often the first factor, and the second factor is something that only the user should have access to, such as a one-time code sent via text or email. This adds another layer of protection making it much more difficult for cyber criminals to successfully access your information.

While 2FA isn’t a silver bullet, it significantly improves security. Yet, less than one in three people know about it. If you’d like to begin implementing 2FA, here are some good places to start:

  • Online banking. If you aren’t taking advantage of Bank Iowa’s 2FA –start today!
  • Email. With email now used as a primary communication channel, it’s not surprising email breaches are one of the main causes of personal data loss. In 2017, Yahoo reported an epic data breach affecting every one of its accounts – an estimated 3 billion!
  • Social media. Social media platforms are a growing target for hackers, as many of these sites collect vast amounts of personal data. Most platforms now offer 2FA to decrease these risks. Check your account settings to turn on the feature on.
  • Google. Google is so much more than an internet browser. If you have a Google account, you’re probably utilizing multiple features, and it may be storing information related to your searches, email communications, calendar, photos and more. Fortunately, Google offers multiple authentication options, including 2FA.
  • Cloud storage. You might be using services like Dropbox, OneDrive or iCloud to store files in the cloud, saving space and keeping documents easily accessible from anywhere. If you’re not using 2FA to protect your information, you may as well be handing over your personal laptop to the dark web.
  • Password managers. If you’ve mastered the first part of 2FA, a password manager is helpful tool for generating strong, unique passwords and keeping them stored and organized. Make sure they are as safe as possible by adding authentication factors beyond your unguessable password.