Secure Your Accounts Using Multifactor Authentication

People typically have multiple logins for accessing computers, smartphones, and other devices, apps, and online services. The most common login methods include:

  • Username and password
  • PIN
  • Biometric authentication (fingerprint or facial recognition)

A username and password is the most widely used method for accessing devices, apps, and services. However, poor password habits, such as using simple, common passwords, reusing the same password multiple times, or sharing passwords insecurely, are also fairly common.

Using weak passwords or falling victim to a phishing attempt or other online scam may result in someone hacking your devices or online accounts. Two-factor authentication can help improve your login security.

What is multifactor authentication?

Multifactor authentication – or MFA – adds another layer of security to your logins. In addition to your username and password (something you know), MFA requires supplemental information from an external source that only you can access (something you have). This extra security credential is known as a time-based, one-time-use password (TOTP). MFA is sometimes also referred to as two-factor authentication or 2FA.

Some options for obtaining an MFA one-time-use password include:

  • An MFA password or “code” sent via text or email by an online service
  • Authenticator apps or devices that generate an MFA code
  • Password manager apps with an MFA code generator included

Multifactor authentication (MFA) uses something you know (username and password), something you have (a hardware or software generated key or code), or something you are (a fingerprint or your face) to augment account security.

Let’s examine how MFA works.

How does MFA work?

Multifactor authentication requires you to provide a four- to eight-character code, in addition to your username and password, when signing in to a device or online service. Some products and services supply their own MFA framework and will send a code to the email address or phone number in your user profile. Once you receive a code, you can enter it on the app or website to finish logging in.

Other products and services require you to supply a code created by an external authenticator app. Google and Microsoft have authenticator apps you can download and use for free. Several password manager apps have an MFA feature built in.

There are several steps required to set up and use an authenticator app:

  1. Install the authenticator app on your mobile device.
  2. Log in to the website or online service you’re using and enable MFA for your account. This step typically requires you to register your mobile device with the online service.
  3. The online service generates a secret key and displays both the key text and a QR code.
  4. Open the authenticator app on your mobile device.
  5. Create a new entry for the online account.
  6. Enter the key text OR scan the QR code.
  7. After entering or scanning your secret key, the authenticator app generates a unique MFA code for the online service. 
  8. Enter the code when prompted by the online service.

Other Multifactor Authentication Options

In addition to site-based MFA and authenticator apps, you can also use:

  • Hardware-based authentication.
  • Biometric authentication.

YubiKey is a hardware-based solution (something you have) that generates and stores authentication codes. YubiKey comes in two forms: a dedicated model that plugs into your computer’s USB port (USB-A only) and a more portable model that attaches to your keychain and plugs into your computer’s USB port (supports both USB-A and USB-C). The YubiKey keychain model works wirelessly with your smartphone, too, using NFC (similar to AirDrop), allowing you to use your YubiKey to log in to websites and mobile apps.

Biometric authentication uses something you are, such as your fingerprint or your face. Some apps use your mobile device’s fingerprint reader or facial recognition to log in to your account, bypassing your username and password. However, it’s worth noting that you will need to log in with your username and password first and then enable biometric authentication for future use.

Need help setting up MFA? Prime of Life Tech can help you set up and use multifactor authentication for your apps and online accounts. Contact us or schedule an appointment for assistance.

Copyright © 2020 Prime of Life Tech