3aIT Blog

Following the Yahoo data breach, you may have heard the advice that you should enable two factor authentication on your various online accounts. This month, we'll explain what this means.

In basic terms, two factor authentication puts a second "lock" on an account in addition to your password. The way this usually works is that, when you first sign into a service, you are sent a code that you have to input along with your password. The code can be sent via email, SMS or via an app depending on the service. It could also involve things like USB sticks or biometrics. You may also have used a device that generates a code for online banking.

This means that knowing just your password isn't enough for an attacker to access the account in question. They also need to know this code. Of course, if the service uses your email address to send the code, and you use the same password for your email account, there's still an easy route in for the attacker. This is a very good illustration that, even if you generally tend to use the same password for online services, you really should ensure at least your email password is different to the others.

Many popular services let you enable two factor authentication. These include Amazon, Google, Microsoft, Facebook, Twitter and Netflix. However, this tends to be an optional service rather than enabled by default.

We recommend that you enable this wherever possible. It might seem like a hassle at the time, but it's a lot easier than trying to regain access to your account after it has been stolen. After accessing the account for the first time on your usual devices, you generally don't have to worry about it again until you get a new device.