Two-factor authentication (2FA) is a technology that, as its name suggests, uses two different authentication methods to verify identity. This method significantly increases the level of security, for example when using online services. A username and password alone are no longer secure enough to verify a user's identity, especially as the most common passwords in the world are still "123456" and "password".
It is up to each service to decide which two-factor authentication methods it supports. The most common option is a one-time code sent by email at login. When a user enters their username and password to the service from an unfamiliar device, the service also asks them to enter the PIN code sent to their email. Some services use their own phone apps for two-factor authentication. Another example familiar to every Finn is the online banking key code lists, which require you to enter your PIN every time you log in, depending on the bank.
Two-factor or multi-factor authentication relies on some method of verifying the user's identity in addition to the username and password. The most common methods are the Time-Based One-Time Password (TOTP) and the HMAC-based One-Time Password (HOTP).
TOTP is an algorithm that calculates the one-time code from a secret key shared between the device and the server and the current time.
HOTP is an algorithm that uses the hash-based message authentication code (HMAC) method to calculate the one-time code.
The most common 2FA application is Google Authenticator, which uses both of the above algorithms to calculate the one-time code.
In business use, authentication with a physical device is common. An example of this is the YubiKey, which must be read via a USB port or NFC when logging in.
I recommend that you implement two-factor authentication in all services where it is possible. Below is a list of simple instructions on how to deploy 2FA for the most common services.
Facebook supports its own two-step authentication, which works in practice via SMS or the Facebook Mobile app. You can also use Google Authenticator or Duo Mobile if you prefer. Choose the option that's right for you.
Commissioning:
Google supports several different 2FA methods, but the most common option is to use Google's own 2FA feature on Android phones. With this method, when you sign in to your Google Account, you receive a notification on your Android phone about the new sign-in attempt. If it was you, press "Yes" to log in. As a new feature, Google has also added the ability to sign in using your phone. You just enter your email address and confirmation is done via your phone. Below you can see how this is set up.
Commissioning:
Instagram supports Google Authenticator and SMS verification.
Commissioning:
Snapchat supports Google Authenticator, as well as SMS verification.
Commissioning: