Two Factor Authentication (2FA)

Two-Factor Authentication (2FA) is a security protocol that requires users to furnish two distinct authentication elements to validate their identity. The primary aim of 2FA is to augment security beyond the conventional username and password pairing. By demanding two autonomous pieces of information, the task of unauthorised individuals attempting to gain entry to an account or system becomes considerably more challenging.

2FA typically falls into one of three categories

1. Knowledge Factors

This encompasses something known to the user, such as a password or PIN, representing the traditional authentication method.

2. Possession Factors

This entails something owned or possessed by the user, such as a physical device or token. Examples include a one-time password (OTP) generated by a hardware or software token, a smart card, or a mobile device.

3. Biometric Factors

This involves something unique to the user’s physical characteristics, such as fingerprints, retina scans, or facial recognition.

Even if one factor is compromised, such as a stolen password, an attacker would still require the second factor for access. Two-factor authentication heightens the security of online accounts and systems, mitigating the risk of unauthorised access resulting from compromised or weak passwords.

What are the common types of 2FA?

Time-based One-Time Passwords (TOTP)

Users generate one-time codes using a mobile app like Google or Microsoft Authenticator. These codes are time-sensitive and expire after a very short time period.

SMS or Email Codes

A one-time code is dispatched to the user’s registered mobile phone or email address, which they must input during the login process.

Biometric Authentication

In addition to a password, users may need to furnish a biometric factor such as a fingerprint or facial scan.

Numerous online services, banking institutions, and security-focused applications offer Two-Factor Authentication as an elective measure to maximise user account security. Activating 2FA is safeguards against unauthorised access, particularly for accounts containing sensitive personal or financial information.