Post by Darius Menzi, June 2025

🛡️ What is Two-Factor Authentication (2FA) and Why Everyone Should Care About It

While researching for this article, I repeatedly encountered two terms: authentication and verification. Which one is correct, authentication or verification? The answer is: both.

Authentication comes from ancient Greek (authentikós, reliable) combined with Latin (facere, to make) and means proving or verifying a claimed property of an entity. This entity could be a device, document, information, or person. The verification is carried out on the basis of what this entity contributes.

Authentication thus refers to proving an identity, while verification checks this identity for authenticity. Visually expressed, it looks like this:

What is 2FA?

Anyone who doesn't still run to the post office with their yellow booklet at the end of the month has already encountered two-factor authentication. Every time you entered your username and password for e-banking, you had to take out the small device, insert the card, and enter the PIN; a number then appeared on the display that you had to enter on the device in front of you. Today, this device is largely obsolete as Face ID, fingerprint, and other methods have taken over. However, the principle remains the same: a second step is required for successful login.

Why is 2FA Important and Why Does it Exist?

Imagine this: your password gets leaked and, against all recommendations, you use the same password everywhere and don't use a password manager or similar tools. The logins for your e-banking, online shopping, etc. (since the password is the same everywhere) would then probably be offered for sale somewhere on the dark web and subsequently used. Without the small device mentioned earlier or Face ID, fingerprint, SMS, and all the other possibilities for two-factor authentication, someone would now have access to your data. This data could include your bank account, credit card information, etc. 2FA definitely makes sense wherever it is available. A password manager is also essential, as are passwords that don't consist of your first and last name plus birth year, but include special characters, upper and lower case letters, and sufficient length. If you're wondering whether your password has ever been stolen, we recommend checking this website (there's also a German version of the site). For password managers, Bitwarden is recommended, though there are also very good alternatives.

Two-Factor Authentication Options and Recommendations

Currently, these are the available options for two-factor authentication:

  • 2FA via Authenticator App
  • 2FA via Email
  • 2FA via SMS
  • 2FA via Voice Recognition
  • 2FA via Biometrics (Face ID, Fingerprint)
  • 2FA via Push Notification
  • 2FA via Software Token/TOTP (Time-based One-time Password Algorithm)
  • 2FA via Hardware Token

Authenticator apps are considered one of the most secure methods for two-factor authentication. This is because before the actual login, you must open the app and enter the code it provides on the respective site within the time the code is valid (usually 30 seconds). If you enter the code after it expires, access is denied and you start over.
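The time-limited codes described above are typically generated with TOTP (RFC 6238). The following sketch is an added example, not code from the original article: it shows how a server can compute the expected code and reject one that has expired or was already used. It assumes 6-digit HMAC-SHA1 codes; the names `totp`, `verify` and `DEMO_SECRET` are illustrative, and the secret is the published RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds a code stays valid, as described in the article
DIGITS = 6   # assumed code length (common default)
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, not a real secret


def totp(secret_b32: str, at: float, step: int = STEP, digits: int = DIGITS) -> str:
    """Compute the RFC 6238 TOTP code (HMAC-SHA1) for Unix time `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = int(at) // step                      # index of the time window
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32: str, submitted: str, now: float, used: set, drift: int = 0) -> bool:
    """Accept only a code from the current window (plus `drift` neighbouring
    windows for clock skew) and never accept the same window twice.
    `used` holds the windows already consumed for this one account."""
    current = int(now) // STEP
    for window in range(current - drift, current + drift + 1):
        expected = totp(secret_b32, window * STEP)
        # constant-time comparison avoids leaking digits through timing
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            if window in used:
                return False                       # replay of an accepted code
            used.add(window)
            return True
    return False                                   # wrong or expired code


if __name__ == "__main__":
    import time
    now, seen = time.time(), set()
    code = totp(DEMO_SECRET, now)
    print("fresh code accepted:", verify(DEMO_SECRET, code, now, seen))
    print("same code replayed: ", verify(DEMO_SECRET, code, now, seen))
    print("code 30 s later:    ", verify(DEMO_SECRET, code, now + STEP, seen))
```

Setting `drift=1` tolerates a phone clock that is up to one window off, at the cost of a code remaining acceptable for longer than 30 seconds.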

Our 3 Authenticator App Recommendations:

  1. Google Authenticator for Android or iOS
  2. Microsoft Authenticator for Android or iOS
  3. Duo Mobile for Android or iOS