This is an old revision of the document!
Table of Contents
Two-factor authentication
Key points
"Two-factor authentication" means using something you are, or something you have, to log in to a site, rather than just something you know
When you log in to a site or service using a username and password combination, you are logging in with what is known as a “single factor”, since both of these things – your username, and your password — are both “things that you know”.
To increase your security, you need to add additional “factors” to your login credentials.
You choices are “things that you are” and “things that you possess”.
“Things that you are” basically means using a biometric factor, such as a fingerprint or facial recognition scan.
This page focusses on “things that you possess”.
Different forms of second factor.
Backup codes.
Two hardware devices, so you can store a backup safely in safe.
Enable two-factor authentication wherever you can, but make sure you have a back-up mechanism in case you lose your device(s).
Option of 2FA — so if you do make a mistake and give away your username and password, still hard for someone to make use of them, as they require an extra piece of data which (hopefully) on your can generate.
Downside of 2FA is that, if you lose your device, you may well be locked out of your accounts.
If the second code is delivered over SMS, you can probably get a new SIM, get your provider to move your number across to the new SIM, and you are up and running.
If you use an app — which means you are not reliant on getting an SMS — you may struggle more. I don’t have a great solution for this at the moment.
Hardware security tokens
Yubikeys