Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
two-factor_authentication [2019/08/06 19:59] – neil | two-factor_authentication [2019/08/21 06:32] – neil |
---|
=====Two-factor authentication===== | =====Two-factor authentication===== |
====What is "two-factor authentication? ==== | |
| |
Different forms of second factor. | ====Key points ====Â |
| * [[two-factor_authentication#"Two-factor authentication" means using something you are, or something you have, to log in to a site, rather than just something you know|"Two-factor authentication" means using something you are, or something you have, to log in to a site, rather than just something you know]]Â |
| Â |
| ===="Two-factor authentication" means using something you are, or something you have, to log in to a site, rather than just something you know====Â |
| Â |
| When you log in to a site or service using a username and password combination, you are logging in with what is known as a "single factor", since both of these things – your username, and your password — are both "things that you know". |
| Â |
| To increase your security, you need to add additional "factors" to your login credentials. This means that, if someone compromises your username and password (highly likely if you are not [[passwords#Use a unique email address, and a unique password, for every site and service|using a unique username, and unique password, for every site and service]], or else if you log in over [[secure_browsing#Check for a padlock, but it doesn't mean you're connecting to the right site|an insecure connection]]), they should still not be able to access your account, since they do not have control over that extra "factor". |
| Â |
| You choices are "things that you are" and "things that you possess". |
| Â |
| "Things that you are" basically means using [[passwords#Consider if biometric security is right for you|a biometric factor, such as a fingerprint or facial recognition scan]]. |
| Â |
| This page focusses on "things that you possess". |
| Â |
| ====Something you have: one-time codes ====Â |
| Â |
| Some sites will let you configure your account to require you to put in a one-time |
| |
Backup codes. | Backup codes. |
| |
====Hardware security tokens ==== | ====Hardware security tokens ==== |
| {{::img_0417.jpg?400|}} |
Yubikeys | Yubikeys |