What is Two-Factor Authentication?

Two-Factor Authentication

Two-factor authentication is one of the most important things you can do to protect yourself online. This security measure helps prevent hackers, scammers, and Cybermonsters from accessing accounts without your permission. In short, it adds another layer of protection against unauthorized access. 

One night in January 2014, I felt a strange sensation in my body, so I rushed to my husband, Ricardo.  Honey, I don’t feel… and bam, I passed out

Two-Factor Authentication1

I woke when nurses in the ER were trying to draw blood, and then I was gone again. Then, finally, I woke up in the ICU (Intensive Care Unit), connected to many machines as doctors were trying to figure out what was wrong with me. I spent several days in the hospital; they were running test after test. 

During my time in the hospital, I noticed that the nurses or doctors would scan my hospital bracelet. Then, ask for my name and date of birth (if I was awake) before moving forward with the medical treatment or test. Asking for my personal information was a second validation process they followed to ensure that what they were doing was the right procedure for me.

In the same way, in our cyber world, we have the two-factor authentication or second verification method, also known as 2FA. The purpose is to validate that you are really you when opening your accounts (bank account, email, social media, personal accounts, etc.) 2FA is an additional layer besides your password to help keep your information more secure. So, let’s explore more in-depth about Two-Factor Authentication / Multi-Authentication / 2FA.

How does Two-Factor Authentication work?

The best way to think about 2FA is like a lock and key combination. You use one form of identification to unlock your phone/computer and then enter the second piece of information. For example, you might use your cell phone number to log into your email account. Then, once logged in, you could enter a PIN or pattern to gain access to your data.

You can set up 2FA on multiple devices, including computers, smartphones, tablets, and routers. 

Two-factor authentication protects your online identity by requiring additional verification steps whenever someone tries to log in to your account. For example, suppose Cybermonsters get hold of your username and password. In that case, they won’t be able to access your account unless they also have your mobile device or some other method of verifying your identity.

Uses of Two-Factor Authentication / 2FA 

Two-factor authentication is often used to secure financial transactions, like credit card purchases, online banking, and mobile payments. However, activating 2FA in your email, social media, web browsing, and cloud storage is crucial in everyday life. The reality of the cyber world is that cybercriminals constantly try to steal accounts. Once they have access, they steal money or impersonate the person and commit fraud or crimes on their behalf.  

A common misconception about 2FA is that it always requires users to carry around something extra, such as a physical device or app. In reality, 2FA is just another form of authentication or code you enter that relies on multiple factors to ensure the user’s identity. Although apps and physical devices are available, you could easily use your mobile devices.

Two-step verification is one of those features you don’t think about until it’s too late. But now that we’re living in the age of cybercrime, having a strong password isn’t enough anymore. If someone gets hold of your account credentials, they’ll still need access to your authenticator app or phone number. And if they manage to steal both, they’ve got complete control over your accounts. So, be Intentional, Aware, and Mindful using your accounts. 

There are many benefits to having 2FA enabled; it takes a bit of extra work to set up and input a code each time you access your accounts. However, the effort is worth it if your user and password are compromised because the cybercriminals won’t be able to complete the takeover unless they get that extra 2FA code.

Recommendation for Multi-Factor Authentication / 2FA

I like to use an authenticator app (Google, Microsoft, or Authy) because it doesn’t depend on receiving a text message or call on your mobile device. You can download the authenticator from the Apple store or Google store.  

If your account allows you to use an authenticator app, it will produce a QR code on the computer screen. Open your authenticator app on your smartphone, select Add, and hold your smartphone up to the computer screen to capture the code. 

Then enter the code on the authenticator app installed on your device each time you need to log into your account.

Two-Factor Authentication 3

The top five accounts MUST have Multi-Factor Authentication

Most bank accounts, investments, or financial-related services probably already include enabled two-factor authentication options. If you don’t have them available, ask your bank or institution for more information on how to set it up. Cybermonsters go after your money so having a second validation is a must these days. There are other five types of accounts cybercriminals go after regularly. Enabling the two-factor authentication ensures that they don’t do the configuration before you do. 


To help protect yourself against phishing attacks, Amazon offers two-factor authentication (2FA). You can set up 2FA via SMS text messages or authenticator apps installed on your smartphone or tablet.  

The following steps show how to enable Two-Step Verification / 2FA on your Amazon account:

  • Go to your Amazon account, and select Login & Security. 
  • Select Edit beside Two-Step Verification (2SV) Settings
  • Click Get Started
  • Follow the on-screen instructions.


Your Apple ID is a big piece of your digital identity. Not only does it help you manage your online activities and payments but it’s also used for storing information about you, such as photos, music, documents, and apps. As a security precaution, having the Two-Step Verification code sent to your phone number or email address each time you log into your account protects your Apple ID.

With two-factor authentication enabled, you’ll receive text messages containing one-time passwords. 

Follow these steps to set up 2FA for Apple using iOS or macOS.

On iOS for iPhone or iPadyou go to Settings > [your name at the top] > Password & Security > Turn on Two-Factor Authentication.

On macOS for mac computers go to > System Preferences > iCloud, sign in, click Account Details > Security > Turn on Two-Factor Authentication.  


Have you ever lost or forgotten a password? Who hasn’t, right? You know how frustrating it can be to try to regain access to your accounts. Enabling the two-step verification ensures that Cybermonsters don’t do it if they get your password first.  

  • To activate Two-Factor Authentication on your Facebook account, follow these steps:
  • On the computer access your Settings > 
  • Go to Security and Login (Opens in a new window). 
  • Under Two-Factor Authentication, click Edit on the right. 
  • On the next screen, select how you’d like to receive your second form of authentication: a text message, authenticator app, or physical key.

I like to use an authenticator app (Google, Microsoft, or Authy), which works best on Facebook. Facebook will produce a QR code on the computer screen. Open your authenticator app on your smartphone, select Add, and hold your smartphone up to the computer screen to capture the code.

Once you’ve enabled two-factor authentication, Facebook will send you a notification letting you know what code to enter every time you sign in. 

Enter the code you received as a text message sent to your phone or an authenticator app installed on your device.


Google has so many services and benefits we use personally and in business. For example, it may have access to your credit card, critical email messages, contact information, documents on your google drive, and business tools. It may also include smart home devices. Because of these reasons, a Google account has to be protected. To do this, Google offers multiple options for multi-authentication. 

2-Step Verification

The most popular method requires adding a security question and answer to your account. When someone tries to log into your account, they must provide both the correct answer to the question and the corresponding six-digit code generated by Google Authenticator.

The second step can be done in one of three ways:

  • By sending a text message containing a six-digit code.
  • By calling a phone number associated with your account.
  • Or, by downloading an application Authenticator (available for iOS and Android). As mentioned, the popular authenticators include Google, Microsoft and Authy.


To turn on two-factor authentication:

  • Open the Instagram app and tap the three dots in the upper right corner.
  • Select “Settings.”
  • Scroll down and look for “Security,” then scroll down again and tap “Two-Factor Authentication.” 

Similarly to previous accounts, you can choose how you want to receive your codes — either via an app or SMS/text messages.  

In Summary

I recommend setting up two-factor authentication in any account that offers it. Having an extra code only you can receive or generate gives you peace of mind online. 

Suppose a criminal gets access to your username and password. In that case, they will try to trick you into giving them the two-factor authentication code to have complete access to your accounts. So what to do if this happens?

Be Intentional. 

Always, call your bank number or institution using the contact information on their website or the back of your cards to prevent accidentally sending or giving your code to the wrong person.

Be Aware. 

Companies, banks, or government institutions won’t contact you first to ask for your password, verification passcodes, or security questions. If you’ve received a one-time passcode or sign-in notification you didn’t request, someone else may have access to your password.

Be Mindful. 

When someone asks to provide a code or is asking you personal questions, simply hang up! Count a few seconds, breathe. Then, check your online accounts, like your email account, for suspicious activity, and choose to change a meaningful password that works for you and every one of your online accounts.

I invite you today to pick one account and activate Two-Factor Authentication. Feel empowered by taking charge of your cyber safety!

Be Intentional, Aware, and Mindful. Be I AM.

You may also like :- What is Cryptocurrency? | Learn from Sandra Estok

Online Shopping Scams and how to Prevent | Sandra Estok

3 Cyber Safety Recommendations Could be Implement in 5 Minute |Sandra Estok

What is Identity Theft? How to Prevent and Recover from It

Can mindfulness be the solution to Cybercrime? | Sandra Estok

What is Cyberbullying? | Sandra Estok

What is Whaling in Cybersecurity? | Sandra Estok

Live Happily Ever Cyber!

Sandra Estok, CEO and Founder of Way2Protect | Happily Ever Cyber!

Sandra Estok

Subscribe for more ways to protect what matters most to you against hackers, scammers, and Cybermonsters™

Leave a Comment

Your email address will not be published. Required fields are marked *