What are two-step verification (2FA) and multi-factor authentication (MFA)?
Two-step authentication (2FA) involves verifying your identity using two different factors: usually something you know (such as a password) and something you have (such as a phone or token). Multi-factor authentication (MFA) extends this concept by requiring verification with two or more factors from different categories, such as something you know, something you have and something you are (such as a fingerprint).
To gain access to your account, you must be able to prove that you are who you claim to be. This can be done in 3 ways or using 3 factors:
- something that only you know (your password or PIN),
- something that only you have access to (your phone or token),
- something that is a part of you (your fingerprint, face, iris, etc.).
Usually you use only one of these factors, often a password, to prove who you are, but it is better to use 2 or more factors. This is called two-step verification or two-factor authentication (2FA) if you use 2 factors, or multi-factor authentication (MFA) if you use more factors.
Why is two-step verification more secure than a complicated password?
Two-step authentication (2FA) is more secure than just a complicated password because it adds an extra layer of authentication in addition to something you know (such as a password). Even if someone gets or guesses your password, they would also need physical access to your second factor (e.g. your phone) to gain unauthorised access. This makes it significantly harder for attackers to hack into your accounts.
A password is not strong enough.
How can my password be stolen?
Passwords can be stolen through various methods, such as phishing attacks (fraudulent emails or websites), malware that captures keystrokes or intercepts data, data breaches where databases containing passwords are compromised, or even by physical theft of devices on which passwords are stored.
What are the consequences if my accounts are hacked?
- Unauthorised access: Attackers can access your emails, messages or personal files.
- Financial losses: Hackers can carry out unauthorised transactions or take your money.
- Identity theft: Your personal data can be used to open accounts or commit fraud.
- Reputational damage: Disclosure of sensitive or private data can damage your personal or professional reputation.
Do I lose time when logging in if I activate two-step verification?
No more than a few seconds. On your most used devices, your access is marked as secure and you don't even need to enter the second factor every time.
Using two-step verification (2FA) may add a few seconds to your login process at first, as you have to enter an extra code from your phone or another device.
However, not using 2FA can have much more time-consuming consequences if your account is hacked. Recovering from a hack, restoring access to compromised accounts and securing your personal data can take much more time and stress than the short 2FA setup process.
Which accounts should I secure first?
- Start with your e-mail account
- Use it on websites where you leave personal data
- Protect your social media with 2FA
In short: make a habit of using it wherever it is available.
There are several methods to set up two-step verification: a code on your mobile phone, a fingerprint, a password. Which one is the best?
The best method depends on your needs and preferences, but also on the security options available. In general, using multiple layers of security, such as combining a code sent to your phone with a fingerprint or app-based authentication, offers the highest level of protection. It is advisable to choose the most secure option based on the capabilities of the service you are using.
I really don't dare to start. Who can help me?
- Go to local initiatives such as Digipunten, Espaces Publics Numériques, info evenings, libraries, police, etc.
- Ask friends and family who are familiar with two-step verification.
- Check out our tutorials: (available soon)
- Check Safeonweb
Can I choose a super easy password like 1234 if I use two-step verification anyway?
It is never a good idea to choose a super easy password like "1234", even if you use two-step verification. Although 2FA adds an extra layer of security, a weak password can still be vulnerable to attacks such as phishing or brute-force attempts. It is best to use a strong, unique password in combination with 2FA to ensure the highest level of security for your accounts.
What if two-step verification is not available? What should I do then?
If two-step verification is not available for a particular service, consider these additional steps to make your account more secure:
- Use strong, unique passwords: Make sure your password is complex and different from passwords used for other accounts.
- Check account activities: Check your account regularly for unusual activity or unauthorised access.
- Enable account alerts: Set notifications for account activities such as logins or changes in settings.
- Update security settings: Use other security features of the service, such as security questions or account recovery options.
- Explore alternative services: Consider switching to a service provider that does offer two-step verification.
What happens if I lose my phone? How can I still access my accounts then?
There is usually the option to set up a recovery e-mail address or backup codes for two-step verification. You can use these to regain access to your accounts if you lose your phone. It is important to check with each service provider for specific recovery options.