How Can Multi-Factor Authentication Protect Your Identity?
If you’ve logged into a website that contains sensitive information about you, you may have already used multiple steps to log in. While it may seem like a pain, it is actually a really good thing.
A growing number of websites—especially ones that give you access to secure data, like your checking account—are employing what’s known as multi-factor authentication in order to be sure that you’re really who you say you are.These steps might be something as simple as having to answer a security question or provide a PIN number in addition to knowing your username and password, but can be as involved as requiring you to submit information that is sent to you by email or text message in order to reach your account. Some forms, known as biometric authentication, even require you to press down your fingerprint on a reader. Is it annoying? Well, only if you’re in a hurry. But is it an added layer of security to keep hackers and identity thieves away from your data? You bet.
If you log into your bank’s website, for example, and you only have to use your username and password, that’s called single-factor authentication. But there are still a lot of things you can now do to your accounts. You can transfer money between accounts, you can pay bills online, you can even send an e-check to a one-time payee, namely, the hacker. An identity thief, a hacker, or even someone just watching over your shoulder as you log in at a coffee shop can wipe out your account.
But with multi-factor sign in, there’s an added layer of data to input. You’ve probably been doing it for a long time and not even noticed, like when you’ve had to supply your zip code to use your credit card at the gas pump or to make a purchase online. In the case of your bank’s website, you would input your username and password, and then tell the website how to send you the rest of your single-use log in details. You would have to not only have access to your username and password, you would also be required to have access to your email account or your physical smartphone in order to complete the log in process and manipulate that bank account.
Many companies are starting to offer the option to request two-step or multi-step authentication every time you log in, and it’s something you really should consider. It takes a little more time to log in—literally a matter of a few more seconds, in most cases—but it’s nothing compared with the amount of time you’ll spend clearing your name and trying to recover your lost funds after an identity theft or hacking event. Of course, the last thing a professional thief wants to do is tip you off to the possibility that he’s trying to break into your accounts, so just by having multi-factor authentication in place, you could make him think you’re more trouble than you’re worth.
Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.