No doubt you’re already aware of two-factor authentication, or 2FA for short. It’s an idea that arose in the 1990s, in recognition of the fact that simple password-based protection wasn’t always sufficient for the growing number of online services.
Today, that’s truer than ever. In the 21st century, almost every aspect of your personal life, from relationships to medical and financial records, is accessible over the internet – yet at the same time, passwords are being stolen left, right and centre. Try putting your details into haveibeenpwned.com and see how many times your own credentials have been stolen or leaked online. It’s such a widespread issue that many security suites now include a tool that warns you when your passwords show up on the dark web.
Well, you might be thinking, no-one’s yet hijacked my email or emptied my savings account. And if you’re in that happy position, you probably have 2FA to thank.
What does 2FA mean?
There’s a maxim in the security business that there are three ways to confirm your identity: with something you know, something you have or something you are. In practice these might translate to a password, a mobile phone or a fingerprint.
These methods aren’t all equal – a fingerprint is hard to fake, whereas a password can be much more easily compromised. And if you ask me to believe that you’re Joe Bloggs solely on the grounds that you have his phone, I might well be suspicious. But if more