Many online service providers now offer strong two factor authentication/ (“two-step” or “two-factor” authentication) to their users to secure access to their account. A method that protects against password theft and its risks: such as identity theft or data theft. What is two-factor authentication? What are its advantages and how to activate it on the most used services on the web? Explanations.
What is two-factor authentication?
- Protect against unauthorized access
For which users?
- Two-factor authentication: practical benefits
- Strong authentication on Google services: Gmail, Drive, etc.
- Two-factor authentication for Microsoft services
- com, Skype and Skydrive
- Enable two-factor authentication on LinkedIn
- Two-factor authentication on Facebook
- Two-factor authentication on Twitter
- Two-factor authentication on WordPress
- Two-factor authentication on Dropbox
What is two-factor authentication?
On the web, two-factor authentication (or strong authentication) is a process that uses two verification steps to secure access to a personal profile attached to a messaging service, storage space, social network, etc.
After a first identification step (identifier / password pair), there comes an authentication step which conditions access to the user account. It requires to fill-in a form- a password of confirmation of one-time confirmation sent:
- by SMS on phone,
- by email,
- on an authentication application for smartphone.
- Protect against unauthorized access
The implementation of strong authentication therefore aims to protect users against:
- identity theft (by social engineering, the installation of malware),
- accidental leakage of identification data (eg loss of material),
- the loss of credentials resulting from the hacking of an online service.
Strong authentication protects against attempts to connect to online services from / from unusual terminals / browsers.
For which users?
- Professionals accessing sensitive documents online (eg documents stored on DropBox).
- mobile users exposed to the risk of password theft: (eg use of unsecured WiFi hotspots)
- Companies on social networks (Facebook, Twitter), who are exposed to risks in terms of image if their access is usurped and their account hijacked.
Two-factor authentication: practical benefits
- Easy implementation
- Disable at any time
Two-factor authentication is configurable. Some providers (eg Microsoft, Google) allow to activate each connection, or only once: the latter option avoids having to validate both steps when connecting from a terminal used regularly, which is therefore recognized as “legitimate”.
Strong authentication on Google services: Gmail, Drive, etc.
The following procedure is valid to enhance the security of access to Google’s various connected services: Gmail, Docs (Drive), Youtube, etc.:
- Account settings,
- select “Security”,
- then, “Validation in two steps”> parameters,
- two-step verification requires a phone number: a code is sent by SMS to validate the connection to an account: either at each attempt, only once per computer.
- center
- Two-factor authentication for Microsoft services
- com, Skype and Skydrive
- To enable two-step authentication on different Microsoft services, it is necessary to have a valid Microsoft account.
- Log in to your Live Account
- Under “Password and security information”, click on “Change security information”.
This step requires the insertion of a code: it can be sent by email to a recovery (rescue) email address linked to his Microsoft account.
Once you have entered the code, access the “Security Information” page: click on “Configure the two-step verification”.
The previous confirmation step can be requested again (inserting a code), finally, select a second authentication factor from the list provided: phone number, backup e-mail address (different from the one already entered), or strong authentication application (for smartphones).