Passwords are everywhere. We use them to access our
money, on our communications, even our social lives. At first, we used one
password for everything, but that wasn't good enough, so we started making our
passwords even more complicated and began using password
managers to organize the dozens or hundreds
of the unique passwords we used, but no matter how complex our password system was, it was never enough to
prevent account takeover because all it took was one phishing email or database exploit, and your
password was out in the world.
So if passwords are impossible
to protect on your own, what do we do? That's where two-factor
authentication comes in. Two-factor authentication,
or 2FA, adds a second method of identify verification
to secure your accounts. First, the thing you know, your password, then something unique that you have, like your phone or fingerprint. By combining your password
with one of these factors, attackers can't access your account even if they have your password. The most common 2FA systems
use a unique one time code with every log-in attempt. This code is tied to your account and generated by a token,
smartphone, or sent to you by text message. The more modern and
most secure form of 2FA uses a mobile app to send
an approval notification to your smartphone or smartwatch for the least hassle possible. With 95% of breaches
involving account takeover, two-factor authentication
is the most effective method of prevention. It's time for everybody,
businesses, governments, and you to take the easy and effective step of enabling two-factor authentication on all accounts. If it uses a password, it needs to use two-factor authentication..
