Hacker attacks regularly make headlines in the media. Hackers on the web are able to steal and spy on thousands of email addresses and passwords from major platforms, forums or online stores, thereby gaining unauthorized access to the accounts of their victims. These so-called phishing attacks allow criminals to gain access to sensitive data. One of the most secure ways to protect your accounts from hacker activity on the internet is through the two-factor authentication process: this means that accessing an account is only possible through two credential checks. In our article, we explain what double authentication means, how it works in practice and what its advantages are.
Table of Contents
What is two-factor authentication?
Two-factor authentication combines two different and independent components to authenticate an authorized user. We encounter a simple example on a daily basis: the pin code (or signature) and a debit or credit card. Two-factor authentication is successful only if the two are properly combined. The same principle can also be used to secure email accounts, accounts in online stores or on many other web portals.
How does two-factor identification work?
The components and factors required for access can be many and varied. The most important and common factors for two-factor authentication are:
- Token (an identifier) or access card
- PIN (Personal Identification Number)
- TAN (transaction number)
- Password
- Biometric characteristics (e.g. fingerprint, voice or iris)
All of these factors require you to have or know something in order to be identified successfully. Before two-factor authorization was invented, services primarily used passwords to authenticate users but passwords are often forgotten.
For this reason, two-factor authentication on the web increasingly uses methods to identify users without the need for traditional identifiers: in general, the system generates an automatic code instead of a password. It is sent to the user on his smartphone, either by SMS, email or via a specific authentication application. This ensures that only the person in possession of this additional security code has access to it. The advantage: the code is only valid once and automatically loses its validity after a certain period of time.
Why is two-factor authentication important?
Obviously, there’s always a risk when it comes to securing an account; so why set up double identification? The answer is obvious: this method adds an additional layer to the identification process: it is a second hurdle so to speak, which unauthorized persons must overcome. Additionally, almost all phishing attacks fail because of this two-factor identification.
When phishing hackers try to get passwords, PIN and TAN codes via fake emails containing links to websites configured in advance. The emails pretend to be from genuine banking services or real online stores and usually ask for an identification factor to be changed, supposedly for security reasons. In reality, the passwords, PIN and TAN entered are being spied on. But if the user utilizes two-factor authentication, those passwords and pins are useless since the hacker won’t be able to get past the second authentication method.