Considering the increasing rate at which users’ online accounts are hacked, two-factor authentication (2FA) or two-step authentication has become necessary to provide an extra layer of security for online accounts.
Two-factor authentication is an additional security feature that requires the user to provide two pieces of information or evidence before having access to an online account. The information could be a passcode or token received via SMS, email or through a third party authentication app such as the Google Authenticator and Microsft Authenticator.
How it works
When you try to login to your online accounts, a passcode will be sent to each of your chosen method of authentication. Online accounts and apps usually provide the user to pre-select a preferred method of authentication. The user would be required to wnter the information in order to login.
2FA is different from knowledge based authentication or security question, which requires the user to provide answers to secret questions that have been set by the user. For instance, “what is your favorite team? Who is your best friend?
Unlike 2FA, knowledge based authentication is less secure. People close to you may decipher some of the answers to the secret questions and have access to your account.
Social media platforms have varying ways of implementing this additional layer of security. While Whatsapp and Telegram use pin code as a factor or means of authentication, Facebook uses text message and the authenticator app. Twitter takes it a bit further by using text message, authenticator app and a security key. There is even a password reset protection in Twitter that requires that you confirm your email before changing your password. The Twitter approach makes it more of a Multi-factor authentication (MFA), since you can enable more than two extra layer of security in your account.
Real life use cases
Whatsapp added 2FA as an optional feature somewhere around 2017. Facebook enabled this feature in 2011, Google in 2012 and Instagram in 2016.
When it featured on Whatsapp, I quickly enabled it given how quick I am at embracing new technological trends. A few months later, someone tried to have access to my Whatsapp account. I noticed that Whatsapp had sent a verification code via SMS to my phone. The person could easily enter the code obtained on my phone but in order to login, he or she would be required to enter a 6-digit pin that has already been set as part of 2FA. This I believe hindered the hacker from logging into my account.
A more popular use case would be when the renowned YouTuber Arun Maini, known online as Mrwhosetheboss, had his Instagram, Twitter and YouTube accounts hacked, 2FA helped him get his accounts back. You may watch the video below on how he got his accounts back:
To view Arun’s YouTube channel, click on Mrwhosetheboss
How to enable 2FA
The steps to enable the feature are mostly similar. You can turn on 2FA by heading over to the security or account settings. I have detailed specific steps to enable 2FA for some of the popular social media platforms.
- Head to Settings
- Tap on Account
- Tap on Two-Step Verification.
- Enable the feature and set a pin code
- tap on the menu icon and head to Settings.
- Under the Security session, tap on Security and Login.
- Tap on Two-Factor Authentication, select your preferred method and tap continue.
- Follow the options on the screen to complete the process.
You may follow the pattern above to enable 2FA in all other accounts.
The importance of 2FA cannot be over emphasized so it is very paramount to enable it on all online accounts to provide an additional level of security for your online experience.