One of the weakest links in online accounts is the password. You re-use them and make them easy to guess. Then if (when) there is a breach on a site you used your password you scramble to change it everywhere. Luckily there’s a better way to secure that password and it’s two-factor authentication.
As reported online, Amazon has just enabled this feature for all users.
How Does Two Factor Authentication Work?
Two Factor Authentication, also known as 2FA, two-step verification or TFA (as an acronym), is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand – such as a physical token.
Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person’s personal data or identity.
Historically, two-factor authentication is not a new concept but its use has become far more prevalent with the digital age we now live in. As recently as February 2011 Google announced two-factor authentication, online for their users, followed by MSN and Yahoo.
Many people probably do not know this type of security process is called Two-Factor Authentication and likely do not even think about it when using hardware tokens, issued by their bank to use with their card and a Personal Identification Number when looking to complete Internet Banking transactions. Simply they are utilising the benefits of this type of multi factor Authentication – i.e. “what they have” AND “what they know”.
Amazon offers two ways to obtain your second factor – either via SMS/text message or a third-party authentication application such as Authy.
I use Authy which is cross-platform and allows me to sync authentication tokens to both my Android and iOS devices.
Once two-factor is enabled, you’ll sign into Amazon with your regular password plus a one-time-use authentication code generated within Authy (or the application of your choice) In this way your account is more secure since someone who has your password would also need the single-use authentication code.
Two-factor authentication is something you should active on every account. Google, Evernote, Lastpass, DropBox and many other sites already offer this method to secure accounts. Once you are in the habit of generating two-factor codes for one account it’s usage is much becomes second nature – and your accounts significantly more secure.