I guess many will agree that only having a password to protect our account is not safe. Of course, I am not encouraging people to simply set a password. But my point is, there is a high chance someone will get their hands on your password and immediately they can log in to your account with that one single password. Besides, many of us use the same password for most of our accounts, right?
So, there comes 2-factor authentication. What is 2-factor authentication (2FA)? 2-factor authentications is a 2 steps authentication where the person who logs in will need to provide 2 evidence to prove that they are the rightful owner of the account.
The reason to do so is that, as mentioned above, the password itself is not safe anymore. Password is already something hacker can easily get their hands on. So to prevent things like this from happening, 2FA aims will require another verification, usually through something more personal like SMS or phone call, to verify.
How does 2FA work?
Usually, everything will start with a password, then when the password is correct, the system will prompt for a 2nd authentication method for you to choose from. The image below shows how usually the system prompt for 2nd authentication.
There is various type of 2FA available, and usually, users get to choose which one they prefer. A phone call, SMS, email, App are some of the options available.
Does it really help?
To some extent, yes. But if the hacker really wants to get the information that you have, they can still forcefully bypass your 2FA to access your account. But that is very unlikely for a mere mortal like you and me because the hacker will usually look for easy targets, as people with “password” as their password.
Final Verdict
So yeah, signing up 2FA is a wise choice. It won’t stop but at least it will make the hacker life harder which in turn, will turn them away from hacking your account. Still, we should always count on ourselves to protect our account. Steps, like not using the same password for every account (password manager can help on this), create a strong password, update our app or device regularly, make sure the cybersecurity awareness level is high for all system users, are still very relevant. After all, the hacker is not someone we want to play with.
