Two-factor authentication is a feature that strengthens security when accessing a service by verifying the user in several steps. Multi-factor systems combine different elements to check that, in addition to knowing the credentials, the user is who they say they are. For example:
- Something you know: a password.
- Something you have: a card or a phone.
- Something you are: your fingerprint.
Each layer of authentication adds extra complexity to attacks.
When can you use it?
Today, many websites offer two-factor authentication. For example, Google, Amazon, Facebook, Apple, eBay, PayPal and Dropbox incorporate it, although it is disabled by default. A more complete list can be found at the following link.
In addition, there are applications to provide the user with this second level of security. Some examples are:
- Latch
- Google Authenticator
- Duo Mobile
- Authy
It is not foolproof
Perfect security does not exist, and multi-factor systems are not foolproof. As these systems spread, new attacks also appear. One example, against systems that send a temporary code by SMS as the second factor, is so-called SIM swapping. Here, the attacker impersonates the victim and convinces the phone company to associate the victim's phone number with the attacker's SIM. From this moment on, the attacker receives all of the victim's SMS messages, which renders the second factor useless. In general, using SMS as a second factor is considered insecure.