Authored by: Support.com Tech Pro Team
Protecting your online services and identity on the internet is becoming increasingly important in our modern world. In many ways, the various services and devices we use are simply extensions of ourselves.
Keeping your accounts safe is tricky, though. Computers aren't all that smart, and require you tell them who you are. Then, they challenge you to prove it.
When it comes to your digital accounts, adding an extra layer of security, in the form of extra challenges that are more difficult or specific to you, makes it easier for the various services to know, with confidence, that you and only you could be accessing your account.
This guide will give you the basics on what multi-factor authentication is, what two-step verification is, and generally how to set it up for common services you may use.
To understand Two-Factor Authentication, it's best to understand how a computer handles authentication in the first place, using just your password.
Remember, for the most part, your computer is blind and deaf when it comes to passwords; it can't see you (and even if it could, it doesn't understand faces like people do), and it can't hear your voice (nor really recognize it as yours like humans do).
The first thing your computer or online account does is ask who you are. This is your Username, or Email address. This is usually considered, by the computer, 'common knowledge'. In other words, it is shown to you directly, and the computer assumes other people will know your username. In many cases, this is your Email address anyway, and that's how other people reach you!
Now, the computer knows what account to look under. So it asks you to prove that you are that person. It asks for your password.
Think of it a bit like a lock and key. Your account has a lock on it, when you put in your password, it's just like putting in the key and unlocking everything that's in your account.
But, there's the problem: Keys. Keys can be easily copied if they're digital; and in the case of your password, it's just text. Plus, people can eavesdrop over your shoulder to see your password, they can guess it from knowing a little bit about you, or they can get your password from another compromised account.
Just like in the real world; a lock and key system will keep honest people out. Dishonest people, though, have little-to-no qualms about bypassing a lock entirely, or stealing a key. Given that your online accounts are, by their very nature, exposed and made available to billions of people online, it's safe to assume a few of them are dishonest.
When it comes to your most important online accounts, a lock and key may not be enough. This is where Multi-Factor Authentication comes in.
For your most important digital accounts, you want more than lock and key security. You'd rather have a security guard, or bouncer, checking everyone's ID as they come in and making sure they're who they say they are.
Two-Factor Authentication provides an extra layer of security. Instead of a simple password, your computer or online service knows about a couple different things and can verify that the person who signs in is, in fact, you.
In Single-Factor Authentication, there's only the username and password. Everyone knows what your username is, so the only piece of 'secret' information is the password. In two-factor authentication, there's a second step, usually verification through another type of communication, to make sure you are the one using that password.
Multi-Factor Authentication, in this case Two-Step Verification, provides an extra check at the door. In this case, anyone who wanted access to your account would need to know your username (easy), your password (hard), and have possession of your unlocked smartphone (very, very difficult).
Keep in mind that this is just one example of how Two-Factor Authentication works with one service. Many different online accounts offer Two-Factor authentication, and their process for authentication may vary. Most services will make it very clear what the login requirements will be upon enabling Two-Factor authentication to prepare you for future login attempts.
Before continuing, it's best to mention immediately that Multi-Factor Authentication does not make a weak password strong. The best practice is still using complex and hard-to-guess passwords.
Always keep the following password management best practices in mind:
Two-factor authentication is an extra layer of security for your Apple ID. The first layer is your password, this second layer is a special code or prompt displayed on your iPhone. Enabling Two-Factor Authentication for your Apple ID helps prevent unauthorized use of your account.
We have a detailed, step-by-step guide to help you setup 2-Step Verification on your Google account.
Clicking this button will open a new guide that will provide you with steps to resolve your issue.