Use Two Factor Authentication

Use Two Factor Authentication

The online world is a dangerous place, the need for user authentication methods other than just the traditional username and password combinations has become critical to enhance your online security.

Two Factor Authentication (2FA), also known as Multi-Factor Authentication (MFA) or 2-Step Verification adds an extra layer of security to your account in case your password is compromised.

When using Two Factor Authentication first when logging in a user enters their username and a password as normal, but instead of immediately gaining access, they will be required to provide another piece of information (the second factor).

This second factor could come from one of the following categories:

Something you know: This could be a personal identification number (PIN), a password, answers to "secret questions" or a specific keystroke pattern

Something you have: Typically, a user would have something in their possession, like a credit card, a smartphone, or a small hardware token

Something you are: This category is a little more advanced, and might include biometric pattern of a fingerprint, an iris scan, or a voice print

A good example of two factor authentication is something most of us familiar with, withdrawing cash from a cash machine or ATM (Automatic Teller Machine). Two things are required for a withdrawal to be approved by your bank, your valid credit or debit card (Something you have), and your 4-digit PIN (Something you know).

Common Types of Two Factor Authentication in use today include;
Hardware Tokens are small, similar to a key fob and produce a new numeric code every 30-seconds, when a user tries to access their account, they look at the device and enter the displayed 2FA code into the site or app. Some have the ability to automatically transfer the 2FA code when plugged into a computer's USB port.

SMS Text-Message and Voice-based 2FA interact directly with a user's phone, when a user tries to access their account the site or app sends the user a unique OTP (one-time pass code) via a text message or automatically calls a user and delivers the OTP code by audio. This is considered to be the least secure way to authenticate users but any 2FA must be better than none.

Software Tokens are software-generated, time-based, one-time pass codes and are the most popular form of two factor authentication. Users install a 2FA app on their smartphone or desktop and use the app with any site or app that supports this type of authentication. When a user tries to access their account, the app displays a 2FA code similar to that produced by Hardware Tokens. The user then enters the displayed 2FA code into the site or app. Apart from 2FA Apps being available for desktop, mobile and wearable platforms some even work offline.

Push Notifications for 2FA are more user-friendly, websites and apps send the user a push notification that an authentication attempt is in progress, the device owner simply views a notification details and can approve or deny access with a single touch with no additional interaction required.

We recommend the Software Token 2FA approach, there are many authenticator apps to choose from including apps produced by Apple, Google and Microsoft. Our preference is Authy which we recommend as it works on all of our devices, integrates with Bitwarden password manager and it allows multiple devices.

Visit the Authy website for details.

Related Content

Upgrading your Joomla 3 site to Joomla 4 and beyond offers many benefits including the increased speed performance and is also a great ...

You can now order our remote Joomla Website Support Services online and pay in GB Pounds, Euros or US Dollars by credit/debit card or by bank transfer...

With the increase in mobile devices along with the amount of sensitive personal and business data stored on them it's crucial that you encrypt your st...

Many people assume having a private conversation discussing confidential business or personal information using a messaging service is private but mor...

We offer a wide range of services at Joomla Fixers, including remote on-demand and scheduled Joomla Website Support, Website Design, Website Development, Website Maintenance, Website Marketing, and Website Hosting. Our services cater to both end users and web design studios worldwide.

With over 15 years of experience in overseeing, fixing, constructing, managing, and enhancing Joomla websites since 2005, we are able to operate highly effectively thanks to our Joomla Website Support System.

Joomla Fixers-Joomla Website Support and Maintenance Specialists
Realvision Internet Limited
124 City Road
London, EC1V 2NX
United Kingdom

Terms and Conditions
Privacy Policy
Cookie Policy
Privacy-respecting analytics by Matomo

Secure Payments Powered by Stripe