How To

The importance of two-factor authentication

The significance of employing secure passwords is more important than ever. Hackers are hungry for passwords, as they have substantial monetary value. Stories are constantly developing in the media about high profile data breaches and password leaks, leaving thousands of accounts vulnerable to being accessed by cybercriminals. With two-factor authentication (2FA), you get an extra layer of security that hackers can’t easily access, because the criminal needs more than just the username and password credentials. You’re actually using it already and you may not be aware of it. Your ATM card is a 2FA method, via your physical card and your pin number.

What is used for 2FA?

2FA is a method of verifying your identity that adds a second factor of authentication in addition to your account password.

  • Something you know – a pin number, password or pattern.
  • Something you have – an ATM or credit card, mobile phone or security token such as a key fob or USB token.
  • Something you are – Biometric authentication such as a voiceprint or fingerprint.

How “Hack-proof” is 2FA?

While nothing is 100% secure, your account can still be vulnerable via hacking through password recovery options. Lost password recovery usually resets your password via email, and it can completely bypass 2FA. This can leave you vulnerable if the attacker has gained access to your email account associated with the account you use 2FA with. Be sure to monitor your email account for messages requesting password changes.

There are some extra measures of password security that you can take, in addition to 2FA:

  • Do not use the same passwords across multiple accounts.
  • Make sure your user passwords are at minimum eight characters long and be sure to use a unique combination of uppercase and lowercase letters, symbols and numbers.
  • Don’t use words, birthdates, addresses or phone numbers in your passwords. These are things that can easily be found out about you on the Internet.

While not all websites offer 2FA you can check twofactorauth.org (link is external) to see what services employ it.


Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.