Using a password alone to secure your data on online accounts is the first step toward protecting yourself. Learn how to take the second step and add an extra layer of security and take control of your online accounts with 2 step authentication. Get more at www.stopthinkconnect.org/2stepsahead.
This video is courtesy of the Stop.Think.Connect campaign as part of the National Cyber Security Awareness Month.
Two-step, multi-factor authentication or 2FA is a security tool that uses multiple verification techniques to prove that the person attempting to log onto an account is really that person.
One method with which many of us are already familiar is that special code we receive via phone text after we’ve logged onto a password-protected site or app on our laptop or other device from a browser we normally don’t use. We gain access to our account only after we correctly enter the code. Banks have been doing this for years to protect your information.
Two-factor authentication can combine multiple types of verification.
Some of these methods include:
- Something you know: a password, code, passphrase or PIN
- Something you have: a physical token, chip, or phone
These methods provide an extra layer of security. Most people only have one layer – their password – to protect their account. But combining something you know (your password) with something you have (your phone, token, etc.), makes your account even more secure.
In just one example of its use, Information Technology has enabled two-factor authentication for system administrators accessing UML resources from off-campus locations via our Virtual Private Network (VPN). Stay tuned for more 2FA announcements accessing other applications like HR Direct and SIS.
Big sites already using two-factor authentication include Facebook, Twitter, Dropbox, Gmail, PayPal, eBay, and Amazon Web Services.