How To

The importance of two-factor authentication

The significance of employing secure passwords is more important than ever. Hackers are hungry for passwords, as they have substantial monetary value. Stories are constantly developing in the media about high profile data breaches and password leaks, leaving thousands of accounts vulnerable to being accessed by cybercriminals. With two-factor authentication (2FA), you get an extra layer of security that hackers can’t easily access, because the criminal needs more than just the username and password credentials. You’re actually using it already and you may not be aware of it. Your ATM card is a 2FA method, via your physical card and your pin number.

What is used for 2FA?

2FA is a method of verifying your identity that adds a second factor of authentication in addition to your account password.

  • Something you know – a pin number, password or pattern.
  • Something you have – an ATM or credit card, mobile phone or security token such as a key fob or USB token.
  • Something you are – Biometric authentication such as a voiceprint or fingerprint.

How “Hack-proof” is 2FA?

While nothing is 100% secure, your account can still be vulnerable via hacking through password recovery options. Lost password recovery usually resets your password via email, and it can completely bypass 2FA. This can leave you vulnerable if the attacker has gained access to your email account associated with the account you use 2FA with. Be sure to monitor your email account for messages requesting password changes.

There are some extra measures of password security that you can take, in addition to 2FA:

  • Do not use the same passwords across multiple accounts.
  • Make sure your user passwords are at minimum eight characters long and be sure to use a unique combination of uppercase and lowercase letters, symbols and numbers.
  • Don’t use words, birthdates, addresses or phone numbers in your passwords. These are things that can easily be found out about you on the Internet.

While not all websites offer 2FA you can check twofactorauth.org (link is external) to see what services employ it.


Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2019 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.