page top

Two-Factor Authentication, what is it and why you need it.

Attention: open in a new window. Print

With the current technology climate changing and with the advancement of software, keeping your bank accounts secure is becoming more difficult. Two-Factor Authentication (often shortened to 2FA) is not new, but it is gaining momentum as bank accounts are left exposed with weak or poorly secured passwords. Whether it be your bank accounts or social media accounts, the 2FA, also known as Two-Step Verification, provides an extra layer of security to ensure that it's you logging into your accounts.

Currently, most people login to their online account with a username and password. This is called Single-Factor Authentication. You only need to take one step to verify that you are who you say you are when logging in.

Two-Factor Authentication means that you need to take an additional step to verify that it is you logging into your account. Generally, this is another passcode and something else such as a code sent to a different device or fingerprint.  

How do I set up Two-Factor Authentication?

Many online platforms will automatically prompt you to set up 2FA when creating the account. However, some do not offer this option on sign-up, so you will need to set it up yourself. Generally, you can find the option to switch on 2FA in the security or privacy settings of your online account. 

There are several types of 2FA available based on either something only you know, something you have or something you are.

Examples include:

  • SMS codes sent to your phone
  • Security questions set up by you, which only you would know the answers to when prompted
  • A physical device, like a security token that generates temporary access codes
  • Software, such as an Authenticator app, that sends a notification to your smartphone (or tablet) or provides a temporary access code — once you've installed one, you can often use the same app when setting up 2FA on other accounts which offer this option
  • Fingerprint scans
  • Voice recognition

Why is 2FA necessary? 

Although this process will add a second step to your log-in, it provides a more vigorous defence for your account. Many users repurpose their password for multiple sites, which can expose them to potential password theft. If your password is compromised (accessed by someone else without your permission) and you have 2FA activated, the hacker still cannot gain access. They will need both forms of authentication to get into your account, increasing your safety and security online.

Source: https://www.cyber.gov.au/acsc/view-all-content/guidance/use-two-factor-authentication

 

Back to all articles