Maintaining account security is essential for users. Today there are many external threats that can steal our access codes and, ultimately, access our records and accounts on the Internet. Luckily we have at our disposal different tools that protect us. Beyond putting a password that is strong and complex we can also make use of other important functions. Without a doubt, two-step authentication or 2FA is one of those essential options. Now, it must be taken into account that there are different types. In this article we are going to talk about the advantages and disadvantages of the different types of 2FA .
What types of 2FA are there?
First of all, remember what two-step authentication or 2FA means . Basically we refer to a method by which we verify that it is we who are actually accessing our account and not an intruder seeking to steal it. This is something that adds an extra security barrier to our records and prevents the entry of possible intruders.
Let’s take as an example that we are going to log into a social network from a computer that we have never used before. We put the password and then they ask us for a second step to verify that it really is us and not an intruder. That second step is what is known as 2FA. It is what really verifies that we are.
In this way we can prevent an intruder who has stolen our password through some method from entering our accounts. It is something that is present in different types of registries on the Internet, platforms of all kinds or devices. As we have mentioned they can be different and each one can have its positive and negative points .
Code by SMS
Without a doubt one of the most common two-step authentication methods is through a code by SMS . It is widely used by users and is present in many applications and platforms on the Internet.
One of the main advantages is that it is easy to use and is also accessible to anyone. Everyone has a mobile and therefore it is very easy to receive the code by SMS and then use it to log in.
We must also highlight the speed. The normal thing is that this text message to the mobile phone reaches us in a matter of seconds or a maximum of a minute. Even in case of losing the mobile we can transfer the SIM to another terminal or block it so that another user cannot receive the messages.
But of course, we must bear in mind that it has its negative points. One of the disadvantages is that we will have to give our phone number to that service to send us SMS. What does this mean? It could also be used for advertising purposes, include us in spam lists or even ends up in the wrong hands.
In addition to this it can also happen that this SMS is intercepted. There are varieties of malware whose objective is precisely that.
One-time passwords through applications
We may also receive a one-time password through applications. Basically it consists of receiving a code that we must put when logging in. This code has an expiration time and will only be valid once.
One of the advantages is that we can use these applications on various devices. In addition, we will not receive a code by SMS that can be intercepted, since it is simply shown by that application that we are using.
One of the most important disadvantages is that we must have access to the mobile. This means that if for example it is without battery we will not be able to use this service. Also time can be an inconvenience in some cases.
U2F keys
Another two-step authentication method is to use U2F keys . They are physical devices that allow us to authenticate ourselves when logging in to certain services. They are very useful also to gain security.
Without a doubt one of the most important advantages is that it is a physical device. Therefore, we will be able to take it everywhere and we will not depend on possible problems with our mobile device, software failures, etc. It is one of the safest methods since they are designed against Phishing attacks.
One of the main disadvantages is its difficult implementation on many occasions. It is a relatively new technology and is not as widespread. In addition we may also have incompatibility with some devices as it is a USB port.
Biometric
On the other hand we also have biometric methods to authenticate ourselves. In this case we can use our fingerprint, iris, facial recognition, voice …
The most positive point is that it is very difficult to counterfeit . It is difficult for an intruder to impersonate our voice or fingerprint, for example.
However there are also downsides. One of the main ones is that it is difficult to implant . It is not present on many platforms and also many users do not trust that external companies may have their mark, voice or image.
Automatic notifications
One more form of two-step authentication is push notifications . In this case, a window appears on our mobile and we have to approve or reject that login. For example, when we are going to log in to the Gmail account, we can configure it to launch an automatic notification on our mobile and thus approve it to prevent other intruders from entering.
One of the advantages is that it is more comfortable to use. We are not going to have to open an external application and have to copy a code. In this case, that automatic notification will simply appear and we will have to accept or reject that login easily through a dialog box.
Normally it tells us who is trying to log in, since it shows information about the IP, the device from which they are trying to access, etc. Data that may allow us to accept it or not if we share an account with someone else. It is also an advantage that a potential hacker cannot copy any code we receive, as is the case with other methods. This time it is linked to our mobile phone and it is simply a pop-up message.
Among the drawbacks we can mention that it is necessary for the mobile device to have an Internet connection. This means that if we do not have a network or are not connected to Wi-Fi, we will not be able to log in to our account. In addition we can also accept that connection inadvertently. Let’s say that the dialog box appears and without realizing it, we accept it and we are actually allowing some intruder to access our account.
Security Question
It is surely the least safe option of all. In this case we will have to put a security question to be able to access a certain service. They can ask us things like our date of birth, favorite color, where we lived in childhood, etc.
An advantage is that it is very easy to carry out. It is simply information that we already know and that we can use in these cases.
Now, it has very important negative points. Anyone who knows us very well or has researched us could find out those answers and eventually steal our accounts. It is not a safe method.