In the age of technology, stolen identities, compromised credit cards and all things online, technology companies like Google, Facebook, Microsoft and others are trying to help us. These companies have come to recognize that they cannot force their users to use strong passwords and change them frequently. We also ask a lot of these companies, requiring them to keep our information safe while we are accessing their site from a tablet, a mobile phone, the in-law’s virus ridden computer and the firm’s VPN connection.
Welcome to two-factor authentication.
Some of you have probably heard about the concept, but aren’t quite sure what it is and if you need it. In short, you need it – wherever you can get it. Two-factor authentication will (as Google describes it) “Help keep the bad guys out of your account by using both your password and your phone.” The process forces you to identify yourself by not only a username and password, but also something that is in your physical possession, like a cell phone (that is the two-factor part).
To test the two factor authentication, I enabled it on my Google Apps for Business email. The initial setup for Google Apps for Business was not difficult. The first time I accessed my email on the web after I set it up, I logged in as normal, but a second window came up that was asking me for a Google Verification Code. A text was sent to my phone and I needed to enter in the verification code to continue to my email. Every 30-days, I am asked for a new code when I access my email on the web or from a new device. I have to say, it can sometimes be a pain, but if I can keep the “bad guys” out of my email account it is worth it.
You will see more companies offering two-factor authentication coming down the pike, with Twitter already working on it and more companies getting ready to offer this option. The ability to verify your identity with a username and password, as well as something that you physically have in your possession is here to stay. Considering the possible consequences of a “hacked” account login or stolen credit card numbers, I propose that you enable two-factor authentication whenever possible and let the tech companies help you protect yourself.