What is 2-factor authentication?
One of the most common ways to hijack your online accounts is to steal your passwords. The way to prevent this type of issue is to use a technique called 2-factor authentication. The 2 factors are:
- Something you know : your password which is still used
- Something you have : a one-time use password that is generated on demand that proves you are in possession of something physical.
You use 2-factor authentication everytime you use your bank’s automated banking machine. You go to their machine, you insert your card (something you have) and then enter your pin (something you know).
Many of today’s most popular services allow you to add this additional level of security to your account such as Dropbox, Google, Lastpass, Paypal, Facebook, Yahoo, etc.
Some detractors complain that you need to use a physical device (phone, USB key, token, etc) that can be lost and then causes issues when you try to login.
Their second complaint is about services that email your unique one-time login code to your phone, because they complaint that you have to hand-over your personal phone number to a third party.
I believe more security is better and use 2-factor authentication when available and recommend you do the same. It is an extra step but how much is extra security worth?