Last updated December 2017
Think about chip and PIN. It makes your bank account more secure because you need two different
things to use your debit card:
- Something you have (the card)
- Something you know (the PIN)
Before this, just having the card was enough, so anyone who obtained your card could make
payments (assuming they could roughly imitate your signature).
Chip and PIN is the most familiar form of two-factor authentication.
But companies are gradually adopting a similar approach for online accounts too. If you have
Gmail, Outlook.com (formerly Hotmail), a Microsoft account or an Apple ID, you should consider
two-factor authentication because it greatly increases security. Many other companies offer it
Instead of a card, your phone is used as the ‘thing you have’. The first time you sign into
your account from a particular computer, after entering your password, the company sends you a
text or calls you with a one-off code. Receiving this code proves your possession of the phone.
You type in the code on the computer and get into the account. Typically, the company remembers
this particular computer so you don’t have to repeat the process each time.
Now consider that a hacker guesses your password, or tricks you into revealing it via a scam
phone call or bogus website. Their goal is to access your account from their own computer. They
get through the password stage, but because their computer is unfamiliar to the account, they
get asked for a one-off code. They can’t receive this because they don’t have your phone! Their
effort is thwarted.
Two-factor authentication is a massive step forward for security, for only a little extra work
for you. Once you’ve set it up, it will go a long way to keeping hackers out, without
inconveniencing you on a day-to-day basis.
Note: Google (Gmail) and Microsoft (Outlook.com, Hotmail) refer to two-factor
authentication as two-step verification. It’s the same thing.
What if you lose your phone?
Good point! First, it’s a good idea to have more than one phone registered, if possible. These
may include your mobile, landline, or a partner or friend’s phone. You might also be able to
install an app on your tablet which can generate codes. In the case of Apple, your computer can
be registered to receive codes. And with Google, you can print out 10 emergency codes to hide in
a drawer somewhere or take with you travelling.
I’m a computer technician and tutor serving North Oxford, Kidlington, Woodstock and the
surrounding villages. Visit my home page to find out more and get in touch.