For a long time, the main measure to access our online accounts was to use a username and password. In this section the most important measure is to establish a password as strong as possible. However, in recent years security has improved a lot thanks to two-factor authentication. 2FA keys are physical devices that will allow us to use this second authentication factor to enter a certain service, or directly into the operating system.
Cybercriminals stalk us every day, it is no longer safe enough to protect an account with a username and a good password. Although it is not easy to do this, it is possible that our credentials may be stolen after receiving a phishing attack, due to carelessness or poor security planning.
Thanks to double authentication systems, security has been significantly improved. Thus, users are more protected, and even in the event that a cybercriminal took over our password, they could not access our data because they do not have the second authentication factor in their possession.
Therefore, we are going to start talking about double authentication, so that you can better understand the concept, and then we will talk about the 2FA key.
What is two-factor authentication and what is it for?
The first thing we should not do is make it easy for a cybercriminal. In that sense, we must not neglect our password and have a robust one. To do this we will create a 12-character one that contains uppercase, lowercase, numbers and symbols. Remember that it is our first line of defense.
Two-factor authentication systems are based on the fact that in order to enter the system, we have to authenticate in two different ways. We currently have a total of three forms of authentication:
- Something we know: the username and password.
- Something we have: a physical card, a 2FA key, our smartphone to receive the SMS, our smartphone to generate the codes
- Something that we are: biometrics, fingerprint, iris etc.
Double authentication systems on the Internet are based on the fact that, after entering our usual password, we are also asked for another password, which is usually a temporary random PIN. We receive this PIN in our e-mail, smartphone via SMS, or directly through a TOTP code authenticator application.
In the event that a cybercriminal tries to log in using our username and password, they will not be able to complete that action. The reason is that it does not have that random PIN code that is generated, for example, on our mobile. An example is Google’s two-step verification . For example, to generate that PIN on our smartphone, the Google Authenticator app or also Latch can be used, among other things.
How to use a 2FA key
One way to use two-factor authentication can be with the complement of a smartphone as we have already mentioned before. However, it is not the only option, we can also use a 2FA key as a second authentication factor. This 2FA key is a “something we have” as it is a physical device.
If we want to use this device, all we have to do is connect it to our computer or laptop through a USB port. The first time we use it, a random number will be generated, through which the different codes that will be used to log in to the platforms with which we link it will be generated.
In this way, when we have to log in to a website, all we have to do is insert the 2FA key into our USB port , and wait for our browser to recognize and verify it, without having to do anything else. From that moment, no person who does not have the physical 2FA key will be able to access our account, even if they have our access password.
Currently there are multiple online services that support 2FA keys, however, they are still not enough, and little by little this number is increasing. One of the services that has been supporting this type of two-factor authentication for the longest time is Google, however, we could also use this key to authenticate against a Linux server, and even Windows computers.
2FA key compatibility and which ones to buy
Currently this type of keys are compatible with the browsers that we currently use the most, and they are none other than:
- Google Chrome
- Mozilla Firefox
- Opera
As for some of the platforms that support these keys are Facebook, Dropbox, GitHub and Google , among many others. Finally, some of the 2FA keys that we can buy that are widely tested are:
Another that will work very well for you is the following:
As you have seen, 2FA keys are a secure authentication method, which will allow us to successfully carry out two-step authentication. The most important thing is to never lose these physical keys, otherwise, we will have to enter our accounts in online services in another way.