What exactly is two-factor authentication and what started it? Two-Factor Authentication happens when you are required to use two types of identification to log into a web site or open your email. It was started because people were using weak passwords or no passwords at all.
Normally the first factor is a password. As a reminder, your passwords should use numbers, capital and small letters and symbols. They should not be any sort of dictionary word and be at least 12 characters long, the longer the better. You should never reuse a password. If used correctly, you will need a password manager to remember them all. Getting one it is well worth it.
The second factor can vary widely from fingerprint or facial recognition to the web site sending you a numeric code via text or email that you must enter into their web site as part of the log in process. Google, Microsoft and others are working on other methods of authentication that will be secure and make it easier for the end user.
The best type of security is the one that people will use. Two-Factor Authentication takes a little longer to log into a web site, it will add 15-30 seconds. That time would be time well spent to protect your security. Web sites; especially banks, financial and health care sites, want to be sure that when a user logs in it is in fact the correct person. This is very difficult to do with just a password. Think about all the passwords stolen last year due to hackers.
This is where your phone is used to confirm your identity. Say you log into your bank’s web site. If you use your phone for that login, your fingerprint or facial recognition can be used to ID you. If you use a desktop computer, they will usually send a numeric code to your phone that you use during the login process. In either case you gave the bank your mobile phone number, so they have at least some assurance that it is you. You also enter your password that matches what the bank has on file. This is how Two-Factor Authentication works, two types of identification.
As I stated earlier, web sites and companies are working to make this login process easier and more secure. This is a hard job as easier and more secure don’t always work together.