2FA – Two-Factor Authentication

2FA (Two-Factor Authentication)
2FA (Two-Factor Authentication) is a way to improve user security, privacy and password dependency through double-checking.

What is 2FA (two-factor authentication)?

In today’s routine, people use a wide variety of online tools to communicate, such as email and social networks, cloud storage spaces to store files, gaming platforms and many more. All these platforms require passwords to protect users’ privacy. One way to maintain security and bypass the reliance on passwords is to use double verification or two-factor authentication (2FA). This is a way to increase security when passwords stored on a device have been stolen by a hacker or cyber-criminal.


How exactly does 2FA authentication work?

Two-factor authentication (2FA) is a security procedure that requires users to provide two levels of identification before accessing their account. The two levels of security can be composed of the following services:

  • Short message service (SMS),
  • Dedicated authentication applications (APP)
  • and U2F (Universal Second Factors) hardware authenticators.

There is no one solution for deploying two-factor authentication, but prior research is required to decide which options among the various media, applications and hardware align with feasibility and which satisfy the need for the service in question.


Which factors are decisive for two-factor authentication?

Each account usually requires a password to prove identity, but then the account becomes quite vulnerable to hacking, especially if an electronic device containing stored passwords is used for public connections. Two-factor authentication is a method of identity verification that adds a second authentication factor in addition to the account password. This second factor can be:

  1. Something the user knows – a PIN number, a second password or an image.
  2. Something the user has – an ATM within reach or a credit card, mobile phone or security token such as a key fob or USB card.
  3. Something the user is – biometric authentication, such as a voiceprint, fingerprint or facial recognition.


2FA increases security, but is not a hundred percent guarantee to avoid hacker attacks

Although 2FA increases the security of accounts, it cannot be said that it is a hundred percent guarantee of protection against hacker attacks. If a cyber-crime takes place, hackers will find a way to access the account. Be it by attempting to reset the password, bypassing the applied security system or by other creative ways, which are also constantly being optimised by the criminal side.

With two-factor authentication, this access is made more difficult because the user is usually warned via the connected devices that there is an intention to access. It is therefore important that everyone is aware of these types of messages so that web attacks can be prevented in this way. Other measures can also be taken to prevent criminals from acting, such as avoiding the use of the same password on multiple portals, combining a longer password with at least eight digits, numbers, upper and lower case letters and special characters, and avoiding the use of date of birth, first name, address or other personal information that can be easily found on social networks.


Conclusion: Two-factor authentication is a simple and quick solution to increase the security of user accounts.

Currently, many services and portals already offer the two-factor authentication procedure as a solution to increase the security of their users, such as access to online banking, social networks, subscription offers and others. It is often necessary for the user to activate the function themselves, but it is usually very easy, quick and intuitive to perform this operation.

It is very important for companies to ensure the security of their users. If they offer this kind of security service within a portal, it strengthens the relationship between the company and the customer. Because in this way, the company takes the concern about illegal transactions or account access seriously and offers the customer or user appropriate recommendations for action.

Although 2FA authentication is not one hundred percent effective against hacker attacks, it makes it more difficult for criminals to act and provides both customers and companies with an increased level of security.

in Wiki: Standards & Norms