Why Use 2FA? (And, What Is 2-Factor Authentication?)

Two-factor authentication is a secure authentication method that’s commonly used to log into an account or device that requires two steps. Sometimes also called 2FA, two-factor authentication forces an account to have multiple verification methods before you can log into an account or device. The most common second verification method is approving the login on your smartphone device. Another possible verification method is biometric data, such as your fingerprint or voice. 

Two-factor authentication is more secure than a single factor because you have to approve the login. If someone obtains your password, they won’t be able to log into your account or device unless they also obtain your smartphone or your fingerprints. You can see why this makes 2FA a lot more secure!

Lots of accounts and devices have 2FA options available. As long as you have a smartphone or a device set up for biometric verification, it’s probably a good idea to set up 2FA, especially for accounts that have sensitive information like your social security number or bank account. 

In this blog, we’ll explain a bit more about how 2-step authentication works and how you can set it up on your Windows device. We’ll also explain how to authenticate a login on your phone! 

How Does 2-Step Authentication Work?

Two-step authentication combines multiple authentication methods for a more secure login process. 

By authentication, we mean how a device or service ensures that you’re the owner of the account that you’re logging into. When you log into a computer with a password or PIN, that computer checks to see if the number that you entered matches up with the password saved on file. The same idea applies to your bank account, email, and other digital accounts you set up. Think of your password as a digital key that has to fit the lock to let you inside your account. 

Because passwords can get lost or be stolen, 2FA helps to ensure that anyone can’t get into your account unless they have two of the “keys.” This is unlikely, as the other keys are usually your biometric data or your smartphone. 

If you’ve ever bought something with a credit or debit card and had to enter your PIN as well as your ZIP code, you’ve experienced 2FA. Some digital accounts may also have you “approve” a login via your email or phone. This is also 2FA. 

How To Set Up 2FA for Windows

Windows has a two-step verification called Windows Hello. Learn more about how to set up Windows Hello. This enables you to log in using your face, fingerprint, PIN, or security key. 

This is specifically to log into your Windows computer. But what if you want to set up two-step verification for your Microsoft account? A Microsoft account is tied to most Windows computers and allows you to access things like your cloud storage and your user settings. 

1. Log into your Microsoft Account

You’ll notice additional sign-in options below. This is what we’ll eventually be using for your login!

2. Under Security, select Two-step verification and Manage.

When you set this up, Microsoft will send you a security code that you have to enter to log into a device. Microsoft will send you a code via the Microsoft Mobile Authenticator App. You can download this app for Android and Apple devices. 

3. Log in to your Microsoft account again.

Once you’re logged in, you can manage the different Microsoft services that you authenticate through the Microsoft Mobile Authenticator App. If you set up the authenticator on your phone and connect it to your Microsoft Account, you’ll now have to approve the login on your phone every time. This can be annoying but also much more secure than just having a password login. 

4. Approve a login.

When you log into your account, you’ll now get a notification on your phone that someone is trying to log into one of your accounts. You can then approve or deny it directly from your phone! 

The authenticator app also stores passwords, payment information, IDs, addresses, and even verified IDs. You’ll also find the authenticator app is very secure, requiring you to enter your phone’s password or biometrics (thumbprint or face) to access the app. The app also doesn’t let you take screenshots so you can’t accidentally share your passwords with others.  

Duo Authenticator

Another authenticator you may commonly use is Duo. This is another app that you can download on your phone to approve logins on accounts. The Duo Mobile app connects to many third-party services like your internet service provider, work account (such as Slack), your email, and more. Unlike the Microsoft app, which only works with Microsoft services, Duo works for all devices. 

If you’re interested in securing your bank account or another sensitive account with 2FA, we recommend trying out the Duo app. Once you download the Duo app, you can link your account to their service, so you have to approve all future logins to your account. 

---

ID 172653796 | Jakub Jirsak | Dreamstime.com