What is Two-Factor Authentication?

Two-Factor or multi-factor authentication offers an additional layer of security for your online accounts and sensitive information. The idea of two-factor authentication (2FA) is simple but effective. Once you input your login information, you will be prompted to insert a code generated by your authentication application. Usually, the two-factor authentication code consists of six characters. 

If you are still wondering why you need two-factor authentication, imagine that hackers compromise your login credentials. Nothing is stopping them from logging into your account or system and stealing your sensitive information. Luckily, you will make it really hard for them if you have two-factor authentication. Because even with your login credentials, they won’t be able to access your account or system. Furthermore, two-factor authentication will keep your accounts safe by protecting you from some of the most used hacking attacks -- brute-force attacks, for example.

Two-Factor Authentication Fights Cybercrime

Considering the frightening statistics of data breaches, online safety should be taken seriously. AV-TEST Institute reports that almost 100 million new malware samples have been discovered in the past year alone, and over 90% of them could adapt their code in order to avoid being detected. Therefore, it is crucial that we do everything possible to maximize our security levels. 

Keep your passwords safe by making sure that you are following password security best practices. It is crucial that all of your passwords are as complex as possible. This will likely mean that you won’t be able to remember them all. With this in mind, using a password manager is the best way to ensure that all of your passwords are safe. Additionally, your servers or applications will most likely be compromised if you are not updating them regularly. To keep your servers secure, make sure that you are following the top server security practices.

5 Types of Two-Factor Authentication

1. Hardware-Based Systems

In systems using hardware-based authentication, the user is given a physical device that generates a series of rotating passcodes to confirm identity. Hardware-based 2FA systems are among the most secure currently in use. The user must have the actual device in their possession to access the passcodes. This is comparable to application-based solutions. Authorized personnel can also use ID badges to gain access to a facility or secure area. This is a less sophisticated hardware-based authentication, however.

The benefit of such devices is that only one individual using a paired set of credentials can operate them. If a user misplaced their hardware key, though, it can make this authentication technique vulnerable in some situations.

2. Biometric Systems

A biometric two-factor authentication system is widely used to manage access to physical sites (financial institutions, government facilities, etc.) or devices (tablets, smartphones, laptops, etc.). Users first enter a password or passcode. The system then uses a thumbprint, retinal scan, or even facial or voice recognition to confirm their identity. The biggest advantage of a biometric two-factor authentication system is that users always have the secondary component with them.

3. Third-Party Application Systems

Together with a strong password, third-party application authentication offers rolling security codes to protect your accounts and servers. The user enters their password and then the most recent code made available by the application, similar to text-based authentication systems - typically, these codes rotate every 30 seconds. In some apps, the user can even confirm a login attempt through push notifications. Since it is safe and allows instant access to the intended system without requiring a one-time password, many users prefer this method.

The Google Authenticator app and Verify are among the most popular third-party authentication service providers.

4. Text-Based Systems

Text-based two-factor authentication systems add an extra layer of protection. The user receives a one-time passcode in the form of a text message or email once they've entered the right password. The user then enters that passcode into a security dialogue, which allows them to successfully log in and gain access to the system. Biometric and third-party authentication are much more secure options, however.

5. Software Token

A software token is an authenticator program installed on an electronic device such as a computer or a tablet. It generates a one-time password (OTP), usually a 6- to 8-digit code. The authenticator applications often operate using a shared secret key known only to them and the server. The apps support OATH (Open Authentication) Event-based HOTP (HMAC-based OTP where HMAC stands for the Hash-based Message Authentication Code) and TOTP (time-based one-time password). OATH is an industry-wide collaboration that aims for the regular improvement of authentication standards. 

In order to access the data or program, the user must enter the generated code. The user does not need to manually enter the code if the software token app includes a push notification option that allows them to accept or reject requests. Select a software token with mobile push preference over others as it is more user-friendly and safe.

Examples of free mobile authentication apps include Google Authenticator, Authy, Microsoft Authenticator, and many others. 

When to Use Two-Factor Authentication

There are a lot of ways to protect your applications using two-factor authentication. For example, the majority of email providers support the use of 2FA to safeguard your crucial data. To keep your money and digital identity safe from theft and fraud, you should secure every credit card or banking account with two-factor authentication.

Protecting access to your passwords is one of two-factor authentication's most essential purposes. But because every website you use needs a different, strong password, most users use a password management system to keep all of their login information safe and secure in one place. But if your passwords are all saved in a single database, a security compromise might be disastrous. Using two-factor authentication is the key to keeping your password management system secure.

Setting Up Two-Factor Authentication

When setting up your account for the two-factor security, you give the security system a reliable means of contact (either an email address or phone number that is different from the login credentials for the system). The system sends a message via your alternate communication method with a one-time-use passcode once you've entered your password. The passcode is typically just a brief string of numbers, but because it is only accessible for a limited time, it is exceedingly difficult for a malevolent user to guess it. These are known as passcode challenge systems and they are the simplest two-factor authentication method to use.

Application-based systems can be slightly more difficult to set up, but if set up properly, they are much simpler to operate. Furthermore, application authentication is one of the safest 2FA methods.

Two-Factor Authentication at Liquid Web

Liquid Web systems support multiple layers of two-factor authentication. You can use two-factor security to safeguard your Liquid Web account (see Enabling Two-Factor Authentication for Users for directions for both My LiquidWeb and Manage). Additionally, you can enable 2FA on cPanel for your Premium Business Email account. Please be aware that our support team may have a more difficult time accessing your server when you enable 2FA. Keep an eye out for emails from our support team asking to access your two-factor authentication system if necessary.

For all of your most crucial systems and services, two-factor authentication methods add an extra layer of security. Even if hackers do manage to steal your login credentials, two-factor authentication will protect your system.

Act quickly and set up the two-factor authentication for your important systems today.