Ep2: Securing Logins with Two-Factor Authentication
In this episode of The Byte-Sized Security Podcast, host Marc David speaks with returning expert Nancy Doe about how two-factor authentication enhances login security. They discuss:
- What 2FA is and how it requires both a password and a secondary code or factor to log in
- Real-world examples of using an authenticator app or text code as the second factor
- Benefits of 2FA like blocking hackers even if passwords are stolen
- Tips for enabling 2FA on email, banking, social media, and sensitive accounts
- Setting up backup codes and recovery options to avoid lockout
- Emerging authentication methods like biometrics and security keys
- Why adding 2FA is one of the top steps you can take to lock down accounts
To learn more about two-factor authentication and other practical online security techniques, visit The Byte-Sized Security Podcast website at bytesizedsecurity.show. See you next week when we cover how to spot and avoid phishing attacks. Thanks for listening!
2FA Directory:
Transcript
Marc:Welcome back to the Byte-Sized Security Podcast.
Marc:Your source for practical cybersecurity advice.
Marc:I'm your host, Marc David.
Marc:With new account breaches in the news weekly, it's clear relying
Marc:on passwords alone is not enough to protect our online identities.
Marc:That's why today I'll be talking with returning expert Nancy Doe about
Marc:how two-factor authentication takes login security to the next level.
Marc:Stay tuned to learn how two-factor authentication works
Marc:and simple ways to start using it
Marc:in your important accounts.
Marc:Nancy.
Marc:Thanks for joining me again.
Nancy:Happy to be here.
Nancy:It's such a pleasure talking Information Security that hopefully
Nancy:makes a difference in somebody's life who's out there listening.
Marc:To start off, can you explain what two-factor authentication is?
Nancy:Sure.
Nancy:Two-factor authentication, or 2FA, is a method for confirming a user's identity
Nancy:that requires two different forms of evidence before granting access.
Nancy:Typically this involves something you know, like a password,
Nancy:along with something you have, like a generated code from an
Nancy:authentication app or a security key.
Nancy:Requiring both factors verifies the person signing in is who they claim to be.
Marc:So adding that second factor definitely seems more secure
Marc:than relying on passwords alone.
Marc:Walk us through what two-factor authentication looks like in practice.
Nancy:Definitely.
Nancy:Let's say you want to log into your email.
Nancy:You enter your username and password as usual - that's the
Nancy:first “what you know” factor.
Nancy:But instead of immediately getting into your account, you'll then be
Nancy:prompted for the second factor.
Nancy:This could be a 6-digit one-time code generated from an authentication
Nancy:app you've installed on your phone, like Authy or Google Authenticator.
Nancy:You open the app, grab the current code, and enter it to complete login.
Marc:And that unique code changes continually so it can't
Marc:be reused. What other options are there for the second factor?
Nancy:Right, it's a one-time code just for that session.
Nancy:Other options include getting the code texted to your phone, using a hardware
Nancy:security key that plugs into your computer, or tapping a notification
Nancy:on your phone to approve the sign-in.
Nancy:The key is requiring something in addition to your static password.
Marc:Definitely more secure. What are the main benefits
Marc:companies and users get from 2FA?
Nancy:There are a few big upsides.
Nancy:It blocks hackers and thieves who manage to steal a password, since they won't
Nancy:have the second factor to complete access.
Nancy:It prevents automated bots from breaching accounts using
Nancy:lists of leaked credentials.
Nancy:It alerts you to login attempts from unknown devices.
Nancy:And it gives users peace of mind knowing their accounts have extra protection.
Nancy:Enabling 2FA is one of the top steps companies and individuals
Nancy:can take to improve login security.
Marc:Are there any downsides to be aware of?
Nancy:There's a small amount of additional friction since you
Nancy:need both factors to sign in.
Nancy:Occasionally the Two-Factor Authentication code can expire on
Nancy:your phone before entering it.
Nancy:You also want to make sure you don't lose access to your second factor.
Nancy:But overall the added security far outweighs these minor inconveniences.
Marc:What advice do you have for listeners looking to start using 2FA?
Marc:Should they enable it everywhere?
Nancy:I would recommend starting by enabling 2FA on accounts where a
Nancy:breach would be most damaging - like email, banking, and social media.
Nancy:Also use it for any sites that store your financial data or sensitive information.
Nancy:From there, you can expand to other logins as well.
Nancy:As for which method to use, authentication apps tend to be the
Nancy:most secure and convenient option.
Nancy:A great start is the 2 Factor Directory at 2fa.directory.
Nancy:This website shows different categories of websites that can support 2FA,
Nancy:if two-factor can be enabled, and then step-by-step instructions on how to enable
Nancy:two-factor authentication for each site.
Nancy:It's absolutely one to visit and bookmark.
Nancy:Check the show notes for a link to this site.
Marc:If someone is nervous about getting locked out if they lose
Marc:a device, what's the solution?
Nancy:Excellent point.
Nancy:It's smart to set up backup Two-Factor Authentication methods you can use
Nancy:to recover access, like printing out one-time use backup codes or setting
Nancy:up a secondary authentication app.
Nancy:And confirm that account recovery options like phone numbers are up-to-date.
Nancy:But the small risk of temporary lockout is still far preferable
Nancy:to the huge risk of a breach.
Marc:Great overview of how to smartly implement 2FA.
Marc:Before we wrap up, what emerging authentication trends are on the horizon?
Nancy:Biometrics like fingerprint, face, or iris scanning offer a convenient second
Nancy:factor tied to a physical characteristic.
Nancy:Security keys that confirm logins after tapping them are also growing in use.
Nancy:And passwordless methods like sending a link or code to your phone
Nancy:could complement 2FA in the future.
Nancy:But for most purposes right now, standard 2FA is a huge step up in account security.
Marc:Excellent advice for listeners looking to lock down their online
Marc:accounts. Thank you, Nancy, for shedding light on two-factor authentication!
Nancy:My pleasure, Marc.
Marc:Thanks for joining us for this episode, explaining the
Marc:power of two-factor authentication to block unauthorized access.
Marc:Enable two-factor authentication on important logins for
Marc:serious peace of mind.
Marc:Visit bytesizedsecurity.show to learn more ways to boost your online security.