There is no such thing as too safe or too cautious for those who want their personal and business data protected online. With so many online accounts to keep, look after, and secure, it is good to have that option for a two-step verification (two-factor authentication). Based on experts who sell electronics, enabling this authentication will prompt the system to ask for additional information aside from your main password.
Here are five common two-step verification methods used nowadays.
1. Verification on SMS
With practically everyone owning a cell phone today, the SMS verification is the most common method for this type of authentication. Online services will prompt you to include your mobile number in your account details so you could receive an SMS whenever you log in. The message indicates the code you need to type in on the login screen before you can proceed. In this method, your mobile phone is the second step in the verification process.
Those without mobile phones can have a similar authentication option in some online services. A landline number that couldn’t receive SMS messages can be used for a code spoken by an automated system.
2. App-Generated Codes
For this method, temporary codes are generated and are used to log in. This is how Google Authenticator works for both iPhone and Android devices. The app generates new codes every 30 seconds and you can use the code to login with your password. Other similar apps like Authy works and includes encrypted code backups so you can switch phones with ease.
These apps are open-standard, which makes it possible for Microsoft accounts to work with the Google Authenticator.
3. Physical Authentication
This is a new option and something that experts believe to grow more popular by the day. A new standard called U2F makes it possible to plug an actual USB device to gain access to accounts like Google and Dropbox. Plug it in and press a button and you’re in – no codes necessary.
This nifty token works with NFC and Bluetooth for mobile devices that have no USB ports. The advantage of this physical authentication from the first two methods is its convenience and simplicity. You also eliminate the risk of your app-generated codes being captured by fake Google screens.
4. App-based Verification
Apple’s operating system uses app-based verification when you try to access your account from an unknown or new device. It generates a temporary code your registered device can use to verify the attempt to access it. Twitter also uses this when you enable login verification.
5. Email Authentication
Other online services like Steam uses the Steam Guard feature to generate temporary codes sent to a registered email address. This ensures you have the password to the app and the access to the registered email address before you could proceed with logging in.
6. Recovery Code
The recovery codes serve as a backup to a failed two-step verification. The codes must be written down, kept and used when needed. If you couldn’t get through the two-step authentication, you could use any of the codes in your list to gain access. Use a two-step authentication as an additional protection for your online accounts.