Two-Factor, occasionally spelled Two Factor, Authentication is an additional step in signing into social media, applications, or websites using rotating randomly generated codes. At first, the added layer might seem time consuming and even unnecessary but it can actually save time, make collaboration easier, as well as add security. This layer of security also might seem technical or excessive but everyone should use it for every service possible. In particular, we use two-factor for any service that doesn’t have multiple users and for social media accounts that are often targets for “drive-by” intruders.
The one pitfall for two-factor is the setup. There are 2 main ways to setup and get the codes, via text message SMS or through an app such as Google Authenticator; both options have issues.
SMS can be convenient, especially with messages available on multiple devices, but an app is preferred if many accounts are being handled, as shown in the examples.
Ultimately, the app is the better direction because it’s not tied to a phone number. To make sure you can use multiple devices with an app, save the QR code (securely!) that is used to setup, so you can add multiple devices including a phone, tablet, or laptop.
As example here are the two-factor steps for CloudFlare:
- Getting to the security page is the first step. Services like Facebook have usually have this option bundled with other security settings but CloudFlare's is on the profile page: https://www.cloudflare.com/a/profile
- Next the service will either offer both SMS and a QR code or one of the options. As mentioned, QR codes are slightly easier but save the QR code securely!
- Open your authenticator on your phone or tablet and put the camera over to sync up. (There is also usually an option to type a code in also.)
- Last, when the service is added, you’ll confirm by typing in the first random code a first time.
How does two-factor authentication save time?
Even if you don’t enable two-factor, services like Facebook and CloudFlare will often email you to double check your login randomly, if logging in from a new location or from a new device. You can avoid this random check with the two-factor. Also, if you’re sharing access to accounts without multiple users, you can use two-factor to avoid this check when others are logging into the account. Last, most importantly, the extra security could be what saves the immense headache of cleaning up after an intruder as gotten access to important accounts.
Two-factor is important for collaboration, shared accounts or individual.
As mentioned above, two-factor avoids a service emailing to confirm a login, which avoids the inconvenience of an email conformation. If there are multiple users for an account though, there often isn’t password consistency so having two-factor on each account at least enforces a random level of security backing up a potentially insecure user password.
Must must must use for social media, but steadily add every service that you login into regularly.
Next to financial sites, or cloud password managers, social media sites are becoming go to easy targets for hackers as they are gateways to other services. For example, to log into Buffer, you may use Twitter. If your Twitter is compromised, so to is your Buffer account. In fact, once you have two-factor set up, keep an eye on connected accounts also since they can sometimes bypass logins altogether.
Although it adds a little more setup time, keep in mind all the benefits of adding two-factor authentication including the primary goal of added security. To make this a habit, have a process of generating and saving a secure password, backup code, and connecting QR code when you set up a new service. Like other habits, the early effort adding two-factor will save a ton of time later down the road.