Most computer users are familiar with one-factor authentication wherein they must provide a password to log into a computer or service (such as email).
Two-factor authentication significantly increases the difficulty of imitating a user or otherwise gaining unauthorized access to the user’s account by requiring a second unique identifier before allowing access. At minimum two-factor authentication requires two out of three regulatory-approved authentication variables such as:
- Something you know (like the PIN on your bank card or email password).
- Something you have (the physical bank card or a authenticator token).
- Something you are (biometrics like your finger print or iris pattern).
A common form of two-factor authentication involves linking the user’s mobile phone to their account. To log in successfully the user needs both the login name and password, and an authentication code sent to their mobile phone (here the phone functions as an authenticator token in the “something you have” category listed above).
For a more in-depth look at two-factor authentication and how to deploy it, check out the following How-To Geek articles:
- HTG Explains: What Is Two-Factor Authentication and Should I Be Using It?
- Increase Security by Enabling Two-Factor Authentication on Your Google Account
- How To Use Google Authenticator and Other Two-Factor Authentication Apps Without a Smartphone
- Secure Yourself by Using Two-Step Verification on These 16 Web Services
- By Jason Fitzpatrick on 01/23/13