Two-factor authentication

October 30, 2018

Two-factor authentication, or 2FA as it is commonlyabbreviated, is a basic log-in procedure that is based on two factors. Hence the name. One factor can be a username and password. Another factor can be a code.Why two factors? Because the two factors combined minimizes the probability –the ‘risk’ – of someone else being able to authenticate themselves as you. The combination of these two factors makes your account more secure.

Two-factor authentication protects your account from being compromised if someone steals or guesses your password. If you have activated 2FA, then, in order to log in, you need to enter a security code generated onyour mobile phone, a physical token, or a prompt on your mobile phone whichneeds to be touched and verified in addition to your regular password.

There are broadly three types of authentication that arecommon and widely used:

- Object authentication such as a card or a fobkey

- Memorized authentication such as a string ofnumbers and letters you are able to remember

- Biometrical authentication such as your voice,fingerprint, face or retina.


Two-factor authentication is nothing new, however. Justthink about how you would use your debit or credit card when making a payment. Youfirst need to provide an object, the card, and secondly you have to providesomething you have memorized, the PIN code. But continuously re-using the samecode raises a number of security issues, and technology provides better ways tosecure accounts.

Now, codes are typically generated in an app on your mobilephone and can only be used once. A new code is generated every few minutes whenolder codes will expire. This means that if someone, for example, records yourkeystrokes or watches over your shoulder to obtain your password and two-factorcode, they still will not be able to log in as you.

But just how safe are these apps? Some popular apps are:LastPass Authenticator, Google Authenticator, Authy, and 1Password. But the latterone stores the password and the code in the same place, which raises someissues.

Other online services let their users create backup codes [TS1] whichcan be memorized or printed. This backup code can then be used even if youdon’t have any signal on your phone or your phone is lost. But how safe can youkeep this code?

How to use it in Privacy Nexus

At Privacy Nexus, we let you use the authentication app of yourchoice[TS2] .You can scan our QR image with your authenticator app or enter the code thatwill be generated underneath it. This causes the authenticator app to startgenerating random 6-number codes. Enter the appropriate 6-number code intoPrivacy Nexus and the following message will show up to confirm that you have activated 2-Factor Authentication.

Easy and quick.

Click here for more information about Privacy Nexus