This video is courtesy of the Stop.Think.Connect campaign as part of the National Cyber Security Awareness Month.
As big data breaches such as those targeting Home Depot and Target increasingly grab headlines, one security tool with a technical-sounding name is gaining awareness beyond IT professionals.
That tool is two-factor authentication. It’s also known as two-step or multi-factor authentication or verification or 2FA. It’s a security tool that uses multiple verification techniques to prove that the person attempting to log onto an account is really that person.
One method with which many of us are already familiar is that special code we receive via phone text after we’ve logged onto a password-protected site or app on our laptop or other device from a browser we normally don’t use. We gain access to our account only after we correctly enter the code.
Two-factor authentication can combine multiple types of verification.
Some of these methods include:
- Something you know: a password, code, passphrase or PIN
- Something you have: a physical token, chip, fob or phone
These methods provide an extra layer of security. Most people only have one layer – their password – to protect their account. But combining something you know (your password) with something you have (your phone, token, etc.), makes your account even more secure.
In just one example of its use, ITS has enabled two-factor authentication for people accessing sensitive information from an off-campus location.
Big sites already using two-factor authentication include Facebook, Twitter, Dropbox and Apple.