Protect your online accounts from hackers using 2FA
How secure are your online accounts? Do you use the same password for everything?
Using the same password for everything is a bad idea because it makes it easier for hackers to access your accounts. If one of your accounts gets compromised, the hacker can use your password to try to break into your other accounts.
That’s why you need to use different and strong passwords for each account and change them regularly. Passwords alone are not enough to protect your online identity. You also need to use an extra layer of security or multi-factor authentication apps.
This is definitely a topic Kathy wants to know more about, as she’s emailing us asking,
"Can you provide more information about multi-factor authenticator apps to use to enhance account security? Also why do banks favor SMS texts for two-factor authentication when they appear to be the riskiest to use? What’s better, authenticator apps or physical security keys? Is there a one-size fits-all solution to use across all accounts? Thank you!"
-Kathy
These are all great questions, and I want to go through each one step-by-step to make sure everyone has a full understanding of two-factor authentication apps and which are the best to use.
What is the difference between multi-factor authentication and two-factor authentication?
The difference between multi-factor authentication (MFA) and two-factor authentication (2FA) is that multi-factor authentication can use more than two factors to verify your identity, while two-factor authentication always uses exactly two factors.
Multi-factor authentication verifies your identity by using different methods, such as SMS texts, authenticator apps, or physical keys. As an example, to log in to your bank account, you need to enter your password and a code that is sent to your phone. This is multi-factor authentication.
Two-factor authentication is a type of MFA that requires you to provide two authentication factors to verify your identity when logging in. An example is when you use Facebook. You can enable two-factor authentication in the settings so that every time you log in, you need to provide your password and a code. This way, even if someone knows your password, they can’t access your Facebook account without the second factor.
MORE: APPLE'S REPLACEMENT FOR THE PASSWORD
Which type of multi-factor authentication is best to use?
Not every website and app supports all types of multi-factor authentication, so the one you use may have to depend on which account you're trying to log into and what type is supported.
Overall, different types of multi-factor authentication have different advantages and disadvantages, depending on the level of security, convenience and compatibility you need.
A physical security key
A physical security key is probably the most secure option because it is immune to many types of attacks, such as phishing and malware. However, it is not very convenient, as you have to carry it around with you, and not every website and app supports it.
Plus, if you lose it, you may not be able to access your accounts unless you have a backup method or a recovery code. Therefore, you should always keep your security key in a safe place and have a plan in case you lose it.
10 WAYS TO USE YOUR OWN DATA TO PUT DOUGH IN YOUR POCKET
SMS text message
An SMS text message is probably the least secure option, as hackers can intercept and redirect those messages. However, it’s widely supported and easy to use, especially for people who do not have a smartphone or an authenticator app.
An authenticator app
An authenticator app is a good balance between security and convenience, as it is less likely to be hacked and can be downloaded to your phone. However, not every website and app supports it, and you may need to have internet access or cell service to use it.
HOW TO HELP PREVENT YOUR CAR FROM GETTING STOLEN
Woman signing into her authenticator app. (CyberGuy.com)
GET TECH TIPS & SECURITY ALERTS WITH THE FREE CYBERGUY NEWSLETTER - CLICK HERE
What are some good authenticator apps I can use?
The most important thing is to use multi-factor authentication whenever possible, as it adds that extra layer of protection to your online identity. Here are some highly-rated authenticator apps you can use for multi-factor authentication, and they each can be downloaded on iPhone and Android phones.
Microsoft Authenticator
iPhone: 4.8 stars (at the time of publishing)
Android: 4.7 stars (at the time of publishing)
DON’T TOSS YOUR OLD INTERNET ROUTER UNTIL YOU DO THIS
Microsoft Authenticator is an option for those looking to keep their information safe. (CyberGuy.com)
Credit: Microsoft
The Microsoft Authenticator app gives you an easy, secure sign-in experience for all your accounts and gives you additional account management options for your Microsoft personal, work and school accounts.
It can use multi-factor authentication with a one-time passcode, can go password-less by using your phone instead of a password to log in, or can use autofill passwords for you. It's easy to use and can keep multiple accounts safe and secure for you.
MORE: ARE YOUR PASSWORDS SAFE?
Twilio Authy
iPhone: 4.7 stars (at the time of publishing)
Android: 4.2 stars (at the time of publishing)
Twilio Authy is an app that can be used for all your apps like Facebook, Gmail and Amazon. (CyberGuy.com)
Credit: Authy
Twilio Authy is another great app that you can use for all your accounts, including Facebook, Dropbox, Amazon, Gmail, and thousands more. It provides secure cloud-encrypted backups so that you will never lose access to your accounts, even if you lose your device.
The app uses the same algorithms as many banks and the NSA use to protect their information, so you can pretty much guarantee that you'll be safe. Plus, you can even use it if you're offline or in airplane mode.
Google Authenticator
iPhone: 4.8 stars (at the time of publishing)
Android: 3.6 stars (at the time of publishing)
ASK KURT: THE VITAL DISTINCTION BETWEEN HTTP AND HTTPS IN SECURING YOUR ONLINE DATA
The Google Authenticator app can be used to sign into all your Google accounts on all your devices. (CyberGuy.com)
Credit: Google
The Google Authenticator app will give you an extra layer of security for your online apps. You can sync your authenticator codes to your Google Account and across your devices.
It offers support for multiple accounts, and you can transfer accounts between devices by using a QR code. Plus, you can choose the type of code generation used that best suits your needs, and it works without a network or cellular connection.
Aegis Authenticator
Android: 4.7 stars (at the time of publishing)
SNEAKY SPYWARE IS AFTER YOUR MOST SENSITIVE DATA
The Aegis Authenticator app is a free option for those who own Android phones. (CyberGuy.com)
Credit: Aegis
The Aegis Authenticator app is a free option for Android users. It is a great app to protect your online accounts from hackers and phishing.
It adds an extra layer of security by generating one-time codes that you need to enter alone with your password. This way, even if a hacker steals your password, they won’t be able to access your account with your phone.
The Aegis Authenticator app also lets you customize and organize your accounts, backup and restore your data, and use it offline.
MORE: HOW TO PASSWORD-PROTECT YOUR EMAIL MESSAGES
Kurt's key takeaways
Multi-factor authentication is a must-have to protect your online security. It adds an extra layer of protection to your accounts, making it harder for hackers to access them.
You can use different methods of MFA, such as an authentication app, a physical security key, or an SMS text message. Each one has its pros and cons, so you need to decide which one suits your needs and preferences.
Don’t forget to use different and strong passwords for each account and change them regularly. Also, consider using a password manager to generate and store complex passwords.
Have you tried using an authenticator app? What has your experience been like? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Answers to the most asked CyberGuy questions:
- What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?
- What is the best way to stay private, secure, and anonymous while browsing the web?
- How can I get rid of robocalls with apps and data removal services?
Copyright 2023 CyberGuy.com. All rights reserved.
Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.