top of page
Search

Two-Factor Authentication (2FA)

  • szanjan6
  • Aug 1
  • 3 min read

Updated: Sep 16

Passwords alone are no longer enough to keep your accounts secure.


In today’s digital world, passwords alone are no longer enough to keep your accounts secure. Cybercriminals are constantly finding new ways to steal login credentials through phishing, brute-force attacks, and data breaches. This is where Two-Factor Authentication (2FA) comes in. A simple, yet highly effective security measure that adds an extra layer of protection to your online accounts.


What is 2FA?

2FA is a security process that requires two separate authentication factors to verify your identity. Instead of just entering a password, you will also need a second factor, such as;


  • A code sent to your mobile device

  • A fingerprint scan

  • A hardware security key. 


This additional step significantly reduces the chances of an attacker gaining access to your account.



How does 2FA work?

2FA works by adding a second layer of security to your login process. Instead of just entering a password (something you know), you must also provide a second form of verification, usually from one of the following categories:


  • Something you have – like a smartphone app (e.g., Google Authenticator), a hardware token (e.g., YubiKey), or a code sent via SMS or email.

  • Something you are – such as a fingerprint, face scan, or other biometric data.



How It works (example flow)

  • You enter your username and password on a website or app.

  • You are prompted for a second factor – this could be a one-time code from an app, an SMS message, or a prompt from a hardware device.

  • You enter or approve the second factor, verifying that it is really you trying to log in.

  • Access is granted only if both factors are correct.


This method significantly reduces the risk of account compromise, even if someone steals your password.


how 2FA works


The Benefits of Enabling 2FA

  • Enhanced Security: Even if someone steals your password, they will not be able to access your account without the second authentication factor.


  • Protection from Phishing Attacks: Cybercriminals often trick users into revealing their passwords, but 2FA ensures they still cannot log in without the second step.


  • Safeguarding Personal & Financial Information: With 2FA, your sensitive data, such as bank accounts, emails, and social media profiles, remain protected.


  • Compliance with Security Best Practices: Many businesses and services now require 2FA to enhance cybersecurity and meet compliance regulations.




The Risks of Not Using 2FA

Without 2FA, your accounts are at risk of:


  • Password Breaches: Hackers frequently gain access to databases containing user passwords. If you reuse passwords across multiple sites, one breach can compromise multiple accounts.


  • Credential Stuffing Attacks: Cybercriminals use stolen login details to access other accounts where the same credentials are used.


  • Financial Loss & Identity Theft: Unauthorised access to your email or financial accounts can lead to fraudulent transactions and personal data exposure.



Password v 2FA



How to Enable 2FA on Your Accounts


Activating 2FA is simple and should be done for all critical accounts, such as emails, banking, social media, and cloud services. Here is how to enable 2FA on some common platforms


Google (Gmail, YouTube, Drive, etc.)

  • Open your web browser and go to Google’s 2-Step Verification page.

  • Sign in to your Google account if prompted.

  • Under ‘How you sign in to Google’, select Turn on 2-Step Verification 

  • Follow the on-screen instructions to set up 2FA by either using 

    • SMS codes

    • Google Authenticator (or alternative applications)

    • A security key.



2FA example

Microsoft (Outlook, OneDrive, Office 365)

  • Navigate to Microsoft’s Security page in your browser.

  • Sign in to your Microsoft account.

  • Under ‘Advanced Security Options, find the ‘Two-Step Verification’ section.

  • Click on ‘Turn on’ to begin the setup.

  • Follow the prompts to enable 2FA using an authentication app, phone number, or another verification method.


MS Authenticator


Facebook

  • Navigate to Meta’s account center for password and security in your browser.

  • Or alternatively, Open Facebook and go to ‘Settings & Privacy’.

  • Click on ‘Settings’, then ‘Password and security’ and ‘Password and security’ again.

  • Click on ‘Use Two-Factor Authentication

  • Choose your preferred authentication method (text message or authentication app) and follow the setup instructions.



  • Go to ‘Settings & Privacy’ under your profile picture.

  • Select ‘Sign-in & security’ and find ‘Two-step verification’.

  • Choose your verification method and activate 2FA.


LinkedIn Authenticator

 
 
bottom of page