What is Two Factor Authentication?


For many websites and systems you are required to provide two pieces of information:

  1. A way of identifying yourself, such as a username or email address. This information isn't private.
  2. A private text string as a password. This is the first 'factor'

The consequences of this are that a hacker only needs to find the one private password to open up access to your account. In addition we all find changing passwords a hassle, and we're not supposed to write them down.

Lets add a second factor, another piece of information which is even harder to know. In this case a random number which is re-generated every 20 seconds

  • Here's an example: 345 997

How does this work?

  • Your website, and you, need to join a service which generates a random number.
  • This needs to work for both of you simultaneosly.
  • You enter your random number into the system or website
  • The website compares your number with it's own number (from the same source)
  • If they match, you get in. If not you don't
  • The random number changes every 20 seconds so making it very difficult for a hacker to guess

Getting Set Up


1. Find yourself an Authenticator app, here are some to look at https://smartphones.gadgethacks.com/how-to/5-best-two-factor-authentication-apps-for-iphone-android-0186751/

Personally I used the Microsoft Authenticator on my iPhone which works fine.

2. Enable '2FA' on the website

The website will show a barcode which you scan with your app. The app then registers the site and starts generating the number sequences.

3. From then on

Each time you login, once you complete your username and password check, you will need to open your authenticator app and enter the corresponding number. 

Image

This is from the iPhone app - when I took the screenshot the app hid the random numbers - clever.

contact us

Whether your project is tiny or huge, Brandex has the experience and capabilities to handle it. We love talking about new projects; ask us for ideas and advice.

branding & design

Visual design, logos, fonts, colour palettes,  print,  exhibitions, office interiors, websites

messaging

Audience analysis, core messages, elevator pitch, value proposition, competitor analysis

content

Strategy, authoring, copywriting, distribution

websites

Conceptual design, wireframes and clickable prototypes, on-line stores, build, test, deployment and hosting, maintenance

traffic

Keyword analysis, traffic sources, search engine performance (seo), website analysis, paid traffic campaigns (such as pay-per-click, LinkedIn and Twitter)

leads

Layered content strategy, landing pages, gated content, progressive profiling, on-line tracking, scoring, qualification and pipeline management

public relations

Media engagement, press releases, crisis management, content creation, awards

get in touch