Multi-Factor authentication is an additional safeguard used to protect your accounts. In conjunction with the use of strong passwords and password managers, multi-factor authentication (referred to as MFA) offers an easy to use and highly secure method of protecting your accounts and data.

What is multi-factor authentication (MFA)? MFA is using an additional means to identify yourself as well as authenticate against a site or service. True MFA is something that you know (such as your username and password) along with something that you are (such as a fingerprint, retina scan or facial recognition) OR something you have (such as a cell phone or other device). For a guide on password security, see my article on the topic here.

Almost all major sites and services on the internet today offer that ability to enable MFA. The most common forms of MFA for sites today are time-based one time password (TOTP) or SMS message verification. Of these 2 options, TOTP is more secure and what I prefer to use personally. TOTP adds to the authentication process a one time password that rotates at an interval of time (30 seconds is typical). This additional TOTP is entered after your username and password are successfully validated and acts as a second form of authentication (I wont go into the technical magic that makes this possible).

The TOTP option you install an app on your phone – something Google Authentictor, Authy or LastPass Authenticator – and enable the feature in the settings section under your favorite account such as your facebook. Once enabled, you use the authenticator app to scan a QR code that is displayed in your account once enabled. Thats it! The next time you go to log into facebook, you will need your username and password as well as the authenticator app and TOTP code that it generates.

The SMS verification option is a bit simpler in that you receive an SMS message to your phone after you successfully authenticate with your username and password and are prompted to enter the code you received before logging in completely.

Leave a Reply