What is Two-Factor Authentication (2FA)?

…and why is it important for you?

If you’re reading this, you’re probably asking yourself the question “what is Two-Factor Authentication” or “what is 2FA”. This might be because you are using 2FA for the first time, you are curious about improving security, or you are encountering security issues. Well, you’ve come to the right place!

Do you already know all about 2FA and do you want to set it up for your PCextreme account? Then you can skip ahead and visit our step-by-step guide to enable 2FA .

Online security is constantly evolving. For most of us, the combination of a unique username and password has done the trick in the past, especially when it comes to securing non-critical data. But more and more services are being moved online. This means your financial information, important business intel, or health data are now accessible through the internet. This gives cybercriminals an opportunity to get their hands on your valuable data. That’s why it’s important to regularly assess your existing security measures… and implement new ones when needed.

Thankfully, Two-Factor Authentication or 2FA allows businesses and individuals to easily upgrade their existing systems. Let’s dive deeper into how 2FA can work for you. 

Insert picture here: for instance via https://unsplash.com/s/photos/security or https://unsplash.com/s/photos/cyber-security (Unsplash contains rights-free stock photos, free to use for anyone).

How does 2FA (two-factor authentication) work?

As the name says, two-factor authentication relies on the user verifying his or her identity with two unique factors. Today, most 2FA systems rely on these three categories of factors:   

  1. A possession factor: something unique the user owns, like an ID card, a smartphone, a hardware token, or an app-generated code.
  2. A knowledge factor: something unique the user knows, like a shared secret, a personal identification number (PIN) or a password. 
  3. An inherence factor: checks for unique biometric properties. The user is verified through his or her voice, with facial recognition or via fingerprint or iris scan.

Put simply, users can authenticate themselves with unique things they have, know, or are. These factors are hard – and sometimes even impossible – to falsify. This makes them a reliable basis for effective security. 

Because 2FA relies on two factors, losing one of the factors like a password, phone or ID card does not automatically mean that your accounts are compromised. The person trying to access your data will still need the second factor… which makes it unlikely for them to succeed in most scenarios. 

As you can probably already tell from the examples, there are numerous ways to create this second factor. At PCextreme we secure our users’ websites and online services using app-generated codes. What are app-generated codes you ask? We were just about to tell you! 

2FA via app-generated codes

Personal mobile devices offer a range of possibilities for authentication. A simple and increasingly popular method is via authenticator apps, which works a lot like SMS verification. With this method, users authenticate their identity using an app installed on their phone. 

This app will generate a new code unique to the device every 30 seconds. Users are prompted for this unique code after logging in with username and password. This means that even when someone gets a hold of your username and password, they will still need the unique code from your phone… and vice versa. Because the code changes every 30 seconds, the chance of someone succeeding to get the right code at the right time is very small. This makes app-generated codes a very secure option if you are looking to implement 2FA. 

2FA authenticator apps

There are many authenticator apps on the market today, and a lot of them are free to use. 

Probably most well-known is the Google Authenticator app, a simple and straightforward way to generate codes. Usually, you can use the app to scan a QR code on the website you plan to use. From then on you will always find a code for that website in the app. 

Microsoft also has its own authenticator app, which admittedly looks a lot like it’s Google relative. There’s a few slight differences in style and look… but other than that it’s just as easy-to-use, and effective at generating the codes you need. 

A third authenticator app is Authy, which is also free and offers a little more functionality that Google. One of the benefits of Authy is that it makes cloud backups of your accounts. This means you can easily transfer your accounts when you have a new device. 

There are many more options but we encourage you to test a few. If you have lots of Google accounts then perhaps the Google app works best for you, and the same goes for Microsoft. If you’re looking for extra usability then Authy might suit you. One thing’s for sure, no matter your device, there is an app out there for you! Both Google Play and the App Store contain hundreds of options. 

Want to use 2FA? PCextreme has you covered!

As a PCextreme client, you can easily set up 2FA authentication for your account in a few simple steps: click here for a step-by-step guide

Do you have any other questions about Two-Factor Authentication or how to better secure your account? We’re happy to help! Contact us and we’ll answer any doubts you have.