So you read my last post on safe passwords and now you want to be even more secure. How do you do that? The easiest way (which just so happens to be the solution that most of the tech world uses nowadays) is multi-factor authentication. This is an idea that allows you to combine different types of login credentials so that you and only you can log into your accounts.
Multi-factor authentication largely depends on the existing password infrastructure. You have a password, you put it in, and the website counts that as the first factor. Then it’s up to the web developers to decide what other kinds of factors they use. Some could use fingerprint or iris scans, others might send a one-time password to your phone, and others might require a second password, but this is less secure. The point is that if some malicious entity has your login credentials, they can only get so far. They can put in your username and password, but when they have to check your phone for the one-time password, they’re out of luck. Let’s say, hypothetically, that they do have your phone and put in the one-time password. They’re prompted for your fingerprint and are foiled. Your data is behind many walls. You’re safe.
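The password-then-phone flow described above can be sketched from the website's side; this is an added example, not code from the original post. The class name, the `send_to_phone` delivery hook, and the five-minute validity window are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

OTP_TTL = 300  # seconds a one-time password stays valid (assumed value)

class TwoStepLogin:
    """Password is factor one; a one-time code sent to the phone is factor two."""

    def __init__(self, send_to_phone):
        self.users = {}    # username -> (salt, password_hash)
        self.pending = {}  # username -> (code, expiry), set only after a correct password
        self.send_to_phone = send_to_phone  # hypothetical delivery hook (SMS, push, ...)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, self._hash(password, salt))

    def submit_password(self, username, password):
        """Step 1: a correct password only triggers factor two, never a session."""
        record = self.users.get(username)
        if record is None:
            return False
        salt, stored = record
        if not hmac.compare_digest(stored, self._hash(password, salt)):
            return False
        code = f"{secrets.randbelow(10**6):06d}"  # fresh random six-digit code
        self.pending[username] = (code, time.time() + OTP_TTL)
        self.send_to_phone(username, code)
        return True

    def submit_code(self, username, code, now=None):
        """Step 2: the code is single-use and expires; only now is login complete."""
        entry = self.pending.pop(username, None)  # pop: one attempt, no replay
        if entry is None:
            return False
        expected, expiry = entry
        now = time.time() if now is None else now
        in_time = now <= expiry
        return in_time and hmac.compare_digest(expected.encode(), code.encode())
```

Someone who knows the password but cannot read the phone gets `True` from `submit_password` and nothing more; the login completes only when `submit_code` also returns `True`.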
Multi-factor authentication can use as many steps as you or the developer chooses. The most common today is two-factor authentication, but places that require more security can use four, five, or even six layers. It works because it assumes that even if the hacker or thief has all of the information that they think they need, there’s something along the chain that they’re missing. Of course, if they have your unconscious body and can use your fingerprint, they can get in, but I think you have other things to worry about at that point.