Back to Zopa Blog

How two-factor authentication keeps you safer online

You have a password on our online accounts for the same reason you have a lock on your front door – so that only people with the right key can enter. But this first line of defence sometimes isn’t enough to keep hackers out online. In fact, 81% of security breaches are due to weak or stolen passwords

That’s where two-factor authentication (2FA) comes in. Put simply, 2FA adds an extra layer of security when you log in. Think of it like adding an extra bolt lock to your door to keep people out. This is achieved by requiring two different methods of ‘authentication’ that help to prove it’s really you logging in. 

In this blog we’ll take a look at the different types of authentication available and how they help to keep out hackers online.    

The different types of authentication 

There are three main types of authentication. To make your accounts more secure, it’s recommended that you should combine two of these factors when logging in. Let’s take a look at what they are and some examples of how they work in practice.   

  1. Something you know: This is the most common method of authentication. Think passwords, security questions and PINs. To make this method of authentication as strong as possible, you should never reuse a password across multiple accounts. If you do reuse a password and a hacker gets their hands on it, they would then be able to access multiple accounts rather than just one.   
  1. Something you have: This layer of protection adds something you own to part of the process for logging into an account or accessing a service. For example, linking your mobile phone number to an account so when you log in, after entering your password, you’re sent a unique verification code by SMS which you need to input before sign in is complete. Adding this means that if a hacker were to somehow learn your password, they still wouldn’t be able to log in to your account unless they also had access to your phone.  
  1. Something you are: This is where things get a little futuristic. Something you are refers to things like fingerprint or facial recognition technology, usually available through smart phones when logging into an app.  

Why twofactor authentication matters 

As online fraud becomes more prevalent, making sure your accounts are as protected as possible takes on even more importance.  

Reportedly, 61% of people use the same password across multiple accounts. This creates risk as, if there was a hack on one website which revealed your login details, it could lead to other accounts being compromised.  

Combining a password – the ‘something you know’ – with ‘something you have’ or ‘something you are’ adds another layer of defence. This approach is becoming standard across the financial services industry and so you might already use it with another of your banks.  

Staying secure online 

So, there it is, your whistle stop tour of the world of 2FA is complete. But it’s important to remember, this is just one of the ways to stay safe online. For tips and hints on how to protect yourself from hackers, here are a few other handy links.   

Protecting yourself from fraud 

Take five to stop fraud 

Don’t be fooled – Money mules