What exactly is two-factor authentication and what started it? Two-factor authentication occurs when you are asked to use two types of identification to log into a website or open your email. It started because people used weak passwords or no password.
Typically the first factor is a password. As a reminder, your passwords should use numbers, uppercase and lowercase letters, and symbols. They must not be any kind of dictionary word and have at least 12 characters, the longer the better. You should never reuse a password. If used correctly, you will need a password manager to remember them all. Getting one is worth it.
The second factor can vary widely from fingerprint or facial recognition to the website sending you a numeric code via text message or email that you must enter on their website as part of the login process. Google, Microsoft, and others are working on other authentication methods that will be secure and make it easier for the end user.
The best type of security is the one that people will use. Two-factor authentication takes a little longer to log into a website, it will add 15-30 seconds. That time would be time well spent protecting your safety. Websites; Banks, financial and healthcare sites especially want to make sure that when a user logs in, they are the right person. This is very difficult to do with just one password. Think of all the passwords stolen in the past year due to hackers.
This is where your phone is used to confirm your identity. Let’s say you log into your bank’s website. If you use your phone for that login, your fingerprint or facial recognition can be used to identify you. If you use a desktop computer, they will generally send a numeric code to your phone that you use during the login process. In any case, you gave the bank your mobile phone number, so they have at least some assurance that it is you. Also enter your password that matches the one the bank has on file. This is how two-factor authentication works, two types of identification.
As I said earlier, websites and companies are working to make this login process easier and more secure. This is difficult work, as it is not always easier and safer to work together.