Play it Safe Online with Two-Factor AuthenticationPosted by
Hackers see small businesses as easy targets, but you can bolster your defences by enabling two-factor authentication on your online accounts.
Two-factor authentication adds an extra layer of security that can stop intruders breaking into your accounts, even if they know the password. With two-factor authentication enabled, access to your account relies on something you know – your login and password – and something you have.
The something you have can be a range of things. Often it’s your smartphone, with a single-use code sent to you as a text message. You need to enter both your password and the one-time code in order to access your account; just one isn’t enough. This locks out hackers unless they’re also holding your phone.
When you’re logging into a service using two-factor authentication, you can often tick a box to “trust this device”. This makes two-factor authentication less of an inconvenience while still keeping you safe. You won’t be regularly asked for a two-factor code when using that particular app on that particular device, such as the browser on your computer. When you’re logging in from a new app or device you’ll still need to enter a two-factor code, to prove that it’s really you.
Instead of relying on a text message, some services let you generate a one-time code using a mobile app. One advantage of this is that you can still obtain a two-factor code even if your phone is offline, whether you’re in a mobile blackspot or travelling overseas using a different SIM card and mobile number. Relying on an app to generate codes rather than a text message also thwarts hackers who might attempt to hijack your mobile phone number and port it to another SIM card, in an effort to intercept your two-factor code and break into your account.
Rather than relying on a smartphone, you can also use a USB security dongle as a form of two-factor authentication – ensuring you can’t log into your account unless that USB stick is plugged into your computer. Alternatively, some services rely on a key fob with a tiny screen that displays an ever-changing two-factor code.
Using two-factor authentication might seem like a hassle, but not nearly as much of a hassle as hackers breaking into your key business systems and services. If that’s a drama you’d rather avoid then enabled two-factor authentication is a sensible security precaution.