About Computers for Newbies & Everyone Else

October 9, 2012

Two-Factor Authentication

I have a feeling if you have not already heard about two-factor authentication you will hear a lot shortly. TFA is also referred to as "two-step verification" so you may see them used interchangeably. 

Two-factor authentication is another advance in security for protecting you on the internet.  Some bank and other online apps including Google, DropBox, PayPal and many others are using or starting to use this security feature.

My first introduction to TFA was through PayPal several years ago.  It involved getting a free credit card-sized device or a security fob which would fit on your keychain. 

The security device was linked with your online account.  When you logged into PayPal to purchase something you had to enter a short, I believe six-digit, random code into a textbox on the site.  To get a randomly generated code number you used the card/fob.  When you logged into the site you entered your username, password and were then asked to enter your code.  You had to push a button on the device in your hand and it would generate that random code.  Once you entered that code into the website and it matched the code generated in the background on the site, you were in.  If they didn’t match you would get several more tries. Then you would be locked out.  You had to go through a bit of a hassle to get it all verified again or wait a specified amount of time before you could try again.

Unfortunately, my card wore out.  They would send you another for a slight fee.  I opted out of the extra verification.  I did not want to pay a fee for a device that did not survive the ride in my wallet for six-months before dying. 

Today things have changed.  This past summer Dropbox ( or for extra storage for both you and me) started using TFA.  Their features are very similar to the large majority available today.  So let us look at how Dropbox works.

imageLog into your DropBox account using your email address and password as you normally would.  Next, go to Settings/Security and scroll down to "Two-step verification." It will indicate that it is disabled.  Now click "change."  You will be asked if you wish to use text-messaging or a mobile app.  With text-messaging the code will be sent to your phone via text.  If you have to pay for texting choose the other and you can download an app to your smart phone which will generate the code for you, just like the card from PayPal I mentioned earlier.

imageI always make the text-messaging choice.  You run through a verification entering your phone number, a test-text and you are set up.  Next time you log into your account you will use your username, password and get a text box to fill in with your code.  The code will be sent to your phone in about five seconds after you click the send button.

With DropBox as well as some others you can click "remember this computer" and it will put a cookie on your computer.  Then you will not be asked to verify your login with the code on that computer alone.

I like this process and usually forget about it until I try to log on to a site and get the buzz from my phone.  Good luck!  Let me know if you try any or are already using some two-step verification processes.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

You must be logged in to post a comment.

Powered by WordPress

%d bloggers like this: