Why two-factor authentication is your best cyber defense

So, we’re betting at least some of your apps and online accounts have asked, “Do you want to opt into two-factor identification?” And, if you’re like many people, all that texting and code retrieval might seem just a little too much trouble.

Is all that security really necessary? Short answer: YES. And it doesn’t have to be hard.

Cyber attacks, personal data leaks, and phishing scams are becoming more common as hackers get more sophisticated and as we conduct more of our personal and financial transactions on apps and online. Scary factoid: the FBI’s Internet Crime Complaint Center reported that people lose $57 million in phishing and smishing schemes each year^.1

Two-factor identification (2FA) provides an extra layer of protection to help safeguard your personal data and your dollars when you are accessing websites and apps.

Also referred to as “two-step authentication,” “two-step verification” or “multi-factor authentication,” 2FA is an electronic security protocol that prevents you from accessing a website or an app until you validate your identity with two or more pieces of proof. This helps ensure that unauthorized users can’t pretend to be you.

Multi-factor identification “secures your logins from attackers exploiting weak, stolen, or leaked credentials,” says Laura Bennett, Senior Vice President, e-Consumer North America for Blink^SM by Chubb^®.

Many widely-used internet service providers (e.g. Google, Apple, Amazon) and social media platforms (e.g. TikTok, Snapchat, Facebook/Instagram), as well as financial sites, productivity, and personal apps (e.g. Paypal, Slack, Fitbit) have 2FA capability.

• A helpful website that lists sites currently offering multi-factor identification can be found here 2FA Directory.
• Enabling 2FA is typically done through your user account and/or security tab. Instructions vary, so check with the individual sites or apps for specifics.
• There are a number of authentication apps that consolidate and streamline your 2FA efforts. In other words, the app automatically authenticates you and eliminates the code sending step. The advantages of using these are that they typically work even when you don’t have access to cell service, and they are considered more secure than text messages. Some of the most popular apps are Authy, Google Authenticator, Duo, and Microsoft Authenticator.

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

Currently, 2FA apps are the most secure user authentication methods. However, it is important to always practice good cyber hygiene habits:

• "Leverage alerts on all accounts (especially financial) to warn you of suspicious activity,” Bennett advises.
• Use a strong and unique username and password and never save passwords in your web browser.
• Keep your computer’s operating system up to date. This is to ensure you have the latest security features in place.
• Be wary of emails, texts, or attachments from unfamiliar or suspicious-looking senders especially those that ask for personal data.
• Avoid using open wi-fi networks, which are easily hacked.

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

In the war against cybercrime, knowledge is power. You’re now armed with two-factor authentication wisdom — a key weapon in your personal protection arsenal.