What is two-step authentication?

It is very unpleasant to imagine, even for a moment, a situation in which an outsider gains access to your personal account on a PC. After all, in this case, the attacker can:

  • view personal correspondence;
  • copy photos intended only for a narrow circle of people;
  • contact friends on your behalf to ask them for money or send them malware;
  • reset passwords to take over your accounts in social networks or services you have paid for;
  • finally, get access to bank cards.

As a result, such an intrusion can not only deprive you of funds, but also discredit you in the eyes of friends or colleagues. To prevent this from happening, it is recommended that you protect your accounts with two-step or two-factor authentication. Let’s consider their types and the differences between them.

How two-step authentication works

Two-factor authentication is a two-stage, or two-step, process for protecting your accounts: entering a password and then verifying your login with additional methods, devices or apps.

The principle of operation of two-step authentication is that after successfully entering the password, the system offers to proceed to the next confirmation step.

Note. Some users and even developers equate two-step and two-factor authentication. However, there are significant differences between them.

  1. The stages, or steps, of two-factor authentication can include the same factor, such as entering a password, whereas in multi-factor authentication the factors are different. Read more about the factors in the article “Two-factor authentication”.
  2. Unlike two-factor authentication (2FA), two-step authentication (2SV) activates the next step only if the first step is successfully completed. That is, two-step authentication is much weaker than two-factor authentication, where the attacker cannot be sure that one of the steps was completed successfully. However, if the second step is chosen correctly, the 2SV method can be quite reliable. For enhanced protection, though, we recommend enabling 2FA on every service that supports it.
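
The difference described in item 2, as an added Python example (not code from this article or from any service it names): `login_2sv` answers differently once the password is right, so its response confirms a guessed password, while `login_2fa` takes both values in one submission and returns one generic failure. The account data, function names and response strings are assumptions made up for the illustration, and the one-time code is computed as in RFC 6238 (TOTP), a choice made here rather than something the article specifies.

```python
import hashlib, hmac, struct, time

def totp(secret, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1), the kind an authenticator app displays."""
    mac = hmac.new(secret, struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password, salt):
    # Iteration count kept low so the example runs quickly.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample account: user name, password and TOTP secret are made up.
SALT = b"constructed-salt"
USERS = {"alice": {"pw": hash_password("correct horse", SALT),
                   "totp": b"12345678901234567890"}}

def password_ok(user, password):
    rec = USERS.get(user)
    stored = rec["pw"] if rec else hash_password("placeholder", SALT)
    return hmac.compare_digest(stored, hash_password(password, SALT)) and rec is not None

def code_ok(user, code, now):
    rec = USERS.get(user)
    expected = totp(rec["totp"] if rec else b"\x00" * 20, now)
    return hmac.compare_digest(expected.encode(), code.encode()) and rec is not None

def login_2sv(user, password, code=None, now=None):
    """Two-step flow: the code is requested only after a correct password."""
    now = time.time() if now is None else now
    if not password_ok(user, password):
        return "invalid password"
    if code is None:
        return "enter code"  # this prompt confirms the password was right
    return "ok" if code_ok(user, code, now) else "invalid code"

def login_2fa(user, password, code, now=None):
    """Single submission: both checks always run and failure looks the same."""
    now = time.time() if now is None else now
    pw, otp = password_ok(user, password), code_ok(user, code, now)
    return "ok" if pw and otp else "login failed"

if __name__ == "__main__":
    for attempt in [("wrong", None), ("correct horse", None)]:
        print("2SV:", attempt[0], "->", login_2sv("alice", *attempt))
    for attempt in [("wrong", "000000"), ("correct horse", "000000")]:
        print("2FA:", attempt[0], "->", login_2fa("alice", *attempt))
```

In the two-step flow a wrong password and a wrong code produce different answers; in the single-submission flow they are indistinguishable.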

What are the ways to confirm the second stage

The best-known two-step authentication methods today are collected in the following list:

  • SMS password.
  • Voice call to phone.
  • Phone confirmation.
  • Mobile applications that generate one-time codes.
  • Tokens or hardware security keys.

Let’s consider how they work, their pros and cons.

SMS password

The principle of operation of this protection is simple: after entering the login and password, the service offers to enter a code from SMS, which is sent to the number registered in the account. Today, SMS is the least effective means of verification due to the development of social engineering.

What to do if I do not receive an SMS when connecting two-step authentication? This is usually a technical problem that can be solved in the following ways:

  • make sure that you entered the number correctly and did not make a mistake in the code or the number;
  • you may need to remove the spaces between the digits or, conversely, add them (check the required number format in the instructions);
  • check that your iPhone is not in flight mode;
  • clear the phone’s memory, sometimes SMS are not received due to the limitation of the number of messages;
  • try restarting the device (helps in many cases);
  • check the functionality of the SIM card (sometimes old cards still accept calls, but not SMS), if necessary, replace it.

A call to the phone

This method is often used by banking services to confirm transactions. They operate according to the following principle:

  • The user receives a voice message with instructions, for example, to enter a few digits from the incoming number.
  • Or you may be asked to confirm the transaction by pressing a number during the call.

The reliability of this method is conditional, for the reason indicated in the previous block.

Phone confirmation

In this case, the user will need a smartphone that supports the latest versions of Android (the pop-up window feature) or an iPhone 5S (seventh generation) if you want to enable two-step authentication on Apple. Unlike codes, messages in this case appear in a pop-up window where you need to perform an action by following the prompts. You’ll also need Bluetooth turned on — it’s needed by the services to determine how far the phone is from your computer where you’re signing in. Therefore, when prompted by the corresponding service, turn it on.

Mobile applications that generate one-time codes

Each service that supports this method of two-step authentication usually offers the user a list of supported applications. The most popular of them are:

  • Google Authenticator;
  • Microsoft Authenticator;
  • Duo Mobile.

Some services also support applications of their own.

Tokens or hardware USB security keys

This is one of the newest and most reliable tools available today, suitable for both two-step and multi-factor authentication. In essence, the key is an identity card, so it can be used with or instead of a password. Using such a key is very simple: just insert it into a USB socket or connect it to the device via NFC and touch the key. Hardware keys work by generating private keys (or an electronic signature) directly on the device and transmitting only the public part to services that request a password after user authorization.

Decrypting the private key is extremely difficult: hackers will need the physical key itself, time and expensive equipment. Considering that if the key disappears, the owner will have time to reset the passwords and reset the protection, hardware keys remain the most reliable way to protect accounts today.

The best tokens are the YubiKey keys from Yubico – they can generate one-time passwords and support asymmetric encryption. This is the choice of such large companies as Google and Facebook, which use security keys to protect the accounts of their employees. In addition, these tools are already supported by thousands of services.

Learn more about YubiKeys.

How to enable two-step authentication on different services

Let’s look at how to enable two-step authentication on the most popular services. If the app you’re using doesn’t appear on the list, try to find a way to enable two-factor authentication using the instructions below as a guide, or contact your service’s support.

Two-step authentication in Google services

Google services are the most popular in the world, including the search engine, the translator, cloud storage (Google Drive) and YouTube. Gmail is less popular, but without registering in it, access to some services is limited. In addition, two-step authentication is available on Gmail; it is enabled automatically through the Google account settings, so users can be sure that hackers will not gain access to their other accounts by resetting the password on mail.

Google itself recommends two-step authentication to protect your account during registration or authorization on new devices. The current instructions offer the following options:

  • one-time password in a text message;
  • the password in the voice message during the call;
  • confirmation using a smartphone;
  • password generated in applications;
  • YubiKey security USB keys.

To enable two-factor authentication, either follow the provided prompts during registration, or if you choose to do so later, log in and find the “Security” tab in the left panel of your account.

Next, in the “Sign in to a Google Account” section, select the “Two-step authentication” section and click “Get Started”. Now you can choose the most convenient authentication method for you and use it by following the prompts on the screen.

As for YouTube and other popular Google applications, two-step authentication is set up for them automatically when you enable it in your Google account.

Two-step authentication in Telegram

Telegram is considered one of the most secure messengers. After a failure in the Facebook social network, 70 million users joined it in a short time. However, the protection of the Telegram accounts themselves is not very reliable, as it is carried out through SMS login confirmation on new devices. Therefore, it is recommended to add an additional layer of protection: Telegram supports another password as a second step.

The way to connect two-step authentication to Telegram is as follows: “Privacy” → “Two-step authentication”. You will then be prompted to enter a password and confirm it. Then add an active e-mail address; after receiving the code, you need to confirm additional actions. After that, you will see that the password has been successfully set.

We recommend that you change this password from time to time, and also use YubiKeys to protect the mailbox through which a forgotten password can be recovered, provided, of course, that you use Gmail as your mail service.

Also, just in case, hide your Telegram number from view, so that attackers cannot find out which number the account is registered to, intercept SMS or forge a SIM card.

Two-step authentication on Binance

Binance is the world’s leading digital asset trading exchange. On this platform, you can enter into agreements on the purchase and sale of cryptocurrency, engage in investments, charity and much more. Of course, accounts on this platform need reliable protection, so there are several methods of two-step authentication on Binance.

  • Own application that generates one-time codes.
  • Phone confirmation.
  • Confirmation by mail.
  • YubiKey security keys.

The method of connecting two-step authentication here is similar to the previous ones: after authorization in the profile, you need to find the “Security” tab, and then choose the most suitable option for you.


  • Two-factor authentication protects accounts more securely than passwords.
  • Services offer different ways to protect accounts; these can be found in your profile settings, usually under the “Security” section.
  • The most reliable way of protection is YubiKey hardware keys.

If you want to know more about YubiKey keys, go to the page with their description or contact our managers!
