Two-factor authentication

By Martin Edwards

Last updated October 2018

Think about chip and PIN. It makes your bank account more secure because you need two different things to use your debit card:

Previously, just having the card was enough, so anyone who obtained your card could make payments — assuming they could roughly imitate your signature.

Online accounts

Chip and PIN is the most familiar form of two-factor authentication, but companies are gradually adopting a similar approach for online accounts. If you have Gmail, (formerly Hotmail), a Microsoft account, or an Apple ID, you should consider two-factor authentication because it greatly increases security. Many other companies offer it too.

Note: Some companies refer to two-factor authentication as two-step verification. It’s the same thing.

Logging in

Let’s use Gmail as an example. You already have a password; it’s the ‘thing you know’. With two-factor authentication, your mobile phone becomes the ‘thing you have’.

You go to check your email and enter your password in the usual way, but Gmail then texts or calls you with a one-off six-digit code. Receiving this code proves your possession of the phone. You type the code into the computer and Gmail welcomes you in.

Because it would be annoying to always have to do this, Gmail remembers your particular computer and only makes you repeat this process occasionally.

Thwarting hackers

Now consider that a hacker guesses your password, obtains it from a data breach, or tricks you into revealing it via a phone call or bogus website. Their goal is to access your Gmail.

They get past the password stage, but because their computer is unfamiliar, Gmail demands a one-off code — which it dutifully sends, of course, to your phone. The hacker is thwarted because they didn’t get the code. And as a bonus, you’re now aware that your password is compromised.

Two-factor authentication is a massive step forward for security, for only a little extra work for you. Once you’ve set it up, it will go a long way to keeping hackers out, without inconveniencing you on a day-to-day basis.
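The login steps described under "Logging in" and "Thwarting hackers", sketched as server-side Python. This is an added illustration, not Gmail's code; the Account class, the five-minute expiry and the three-guess limit are assumptions made for the example.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300   # seconds a code stays valid (assumed)
MAX_TRIES = 3    # wrong guesses allowed per code (assumed)

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _fp(token):
    return hashlib.sha256(token.encode()).hexdigest()

class Account:
    def __init__(self, password):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = _pw_hash(password, self.salt)
        self.trusted = set()   # fingerprints of remembered computers
        self.pending = None    # [code, expiry, tries_left]
        self.outbox = []       # stands in for the text message to the phone

    def login(self, password, device_token=None, now=None):
        """Step one, the thing you know. Returns 'denied', 'ok' or 'code_sent'."""
        now = time.time() if now is None else now
        if not hmac.compare_digest(_pw_hash(password, self.salt), self.pw_hash):
            return "denied"
        if device_token and _fp(device_token) in self.trusted:
            return "ok"        # familiar computer, no code needed
        code = f"{secrets.randbelow(10**6):06d}"   # one-off six-digit code
        self.pending = [code, now + CODE_TTL, MAX_TRIES]
        self.outbox.append(code)   # reaches the owner's phone only, and an
        return "code_sent"         # unrequested code warns them of a leak

    def verify(self, code, remember=False, now=None):
        """Step two, the thing you have. Returns (ok, device_token or None)."""
        now = time.time() if now is None else now
        if self.pending is None:
            return False, None
        expected, expiry, tries = self.pending
        if now > expiry or tries <= 0:
            self.pending = None    # expired or too many wrong guesses
            return False, None
        if not hmac.compare_digest(code.encode(), expected.encode()):
            self.pending[2] -= 1
            return False, None
        self.pending = None        # a code works once only
        token = secrets.token_urlsafe(32) if remember else None
        if token:
            self.trusted.add(_fp(token))
        return True, token
```

The device token returned by verify() is what lets a remembered computer skip the code next time; someone who has only the password never receives one.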

What if you lose your phone?

Good point! First, it’s a good idea to have more than one phone registered, if possible. These may include your mobile, landline, or a partner’s or friend’s phone. You might also be able to install an app on your tablet which can generate codes. In the case of Apple, your computer can be registered to receive codes. And with Google, you can print out 10 emergency codes to hide in a drawer somewhere or take with you travelling.

Need help?

I’m a computer technician and tutor serving North Oxford, Kidlington, Woodstock and the surrounding villages. Visit my home page to find out more and get in touch.