Understand: Two-Factor Authentication

Matt Blowes October 29, 2014 Security

Microsoft recently revealed two-factor authentication will be a new security feature for its upcoming operating system, Windows 10.

It's a move aimed at preventing hackers from causing serious security breaches and data destruction.

But what is two-factor authentication and why should you use it if you've just made your password more secure?

How does it work?

Two-factor authentication is where two pieces of information are required to access an account. These are typically a password you create (1st factor) and a randomly generated PIN code (2nd factor), usually received via text message or a trusted device.

Your password will work like any other password you use. After it is entered you will be asked to enter your PIN code.

How you receive your PIN code will depend on how you originally set up your two-factor authentication. It may be emailed to you, sent as a text message, generated by a mobile app or even told to you through an automated phone call or a physical code-generating device.

The 2nd factor after your password can even be some other type of information instead of a PIN code. It can be biometric information, like your fingerprint or retina scan.

Where does it work?

Two-factor authentication is fast becoming an IT security standard with many popular web services leading the way. You will probably find many of the services you use already offer two-factor authentication.

Google - Offers its 2nd factor by sending your PIN code in a text message or generating it with the Google Authenticator app for Android and iOS devices. You can also obtain your PIN code by phone, a physical USB device and more. You can even register specific devices so you don't have to enter your PIN code every time.

Amazon Web Services - AWS standard two-factor authentication uses mobile apps to generate its unique PIN code; the Google Authenticator app is compatible. For a fee, physical code-generating devices can be hired for an extra layer of security. These devices work like those you may use or have seen available for bank and credit card accounts.

Apple - Sends your 4-digit PIN code via text message or Find my iPhone to one or more of your trusted devices. If you lose access to your trusted devices, you can still access your account with a permanent and separate 'Recovery' key.

Microsoft - For a Microsoft account, you will be sent a 7-digit PIN code via text or email and devices can be saved as trusted once it is entered. For Windows 10, more details will be revealed in the lead up to its release.

Facebook - Facebook's two-factor authentication, named 'Login Approvals', is more limited than the others and sends its PIN code via text message. After it is entered on a device, that device can be saved as trusted.

Most other web services now offer similar two-factor authentication security features as well. It can often be enabled where you change your account password, with more information found on Support and Security pages.
