Sometimes we hear from a friend or family member that someone has accessed their account and changed their password, preventing them from logging in. You could avoid this and any other kinds of situations if you activate the two-step verification.
Two-step verification, also known as two-factor authentication (2FA), is a security measure that makes it more difficult for someone without authorization to access the personal account of a service that has this functionality.
When we activate this type of verification on a web service, in addition to using the password, it will be necessary to provide another unique code to conclude the access.
What is it?
This method consists of reinforcing the usual password that you must enter to log in to any website, social network, or online application.
With 2FA technology, in addition to that password, there is a second step that gives more security and prevents further unauthorized access.
If you have the two-step verification enabled, when you login, after entering your password, you will be prompted for additional authentication, hence the “two-step” feature. To give this approval, you must have configured your telephone number, as you will receive a code via text message.
Why to use it?
It may be the case that someone gets hold of our password, for example, through a phishing attack.
In this case, if we don’t have two-step verification enabled, a cyber-crook could access our account and carry out any action that could have negative repercussions, as in the eyes of the rest of the people we would have done it ourselves.
On the other hand, if two-step verification is enabled, the cyber-crook will not be able to access your account because, even if they have the password, they will not have the necessary code to complete the access process.
Two-step verification can be the difference between being a victim of a cyber-criminal and not.
Some things to consider
The disadvantage of using this security measure is losing the device with which we receive the verification code. In that case, each service has its recovery mechanisms.
This security measure helps reduce the chances of your account of getting compromised, but nothing is foolproof.
There are other precautionary measures such as configuring your router securely, avoiding connecting to unfamiliar Wi-Fi networks, not clicking and leaving personal data on links that come to us through WhatsApp, Gmail, or some other service to obtain supposed benefits or to reconfigure passwords that we never ask you to reconfigure in the first place.