Elon University Home

Two-step verification: something you know and something you have

Guest post by Jeff Stern, a student in Professor Lynn Heinrichs’ information security class.

verifyIf a hacker were to log into my email account, they could get data about my financial information, confidential research information and private conversations. For this reason, I have activated two-step verification to protect my account with extra security and encourage you to do the same.  Considering the amount of sensitive data we share on the web, it may no longer be enough to rely on a simple alphanumeric password. Two-step verification, also known as two-factor authentication, is a relatively simple way to further secure your online accounts. The driving idea behind two-step verification is that to log into your account you not only need to enter a secret password but also data from a device that you have (eg. a randomly-generated code from your cell phone) or a biometric (eg. a fingerprint, retina scan). The former is currently the most popular, although with advancing technologies the latter category could become commonplace before we know it. 

If you activate two-step verification on your Google account, it becomes nearly impossible for a hacker to log into your account unless they also steal your cell phone. To demonstrate two-step verification, here’s how I log into my Google account…

Step1b

Step2a

step2b

step2c

As you can see, this does require some extra work on my part when I’m logging into new computers but only you can disable the need to use the Authenticator code on personal devices like your laptop.

Generally tech writers and security experts agree that two-step verification will decrease potential data breaches. If you still have concerns, Matt Cutts debunks many common myths about two-step verification.  I encourage you to give it a try for yourself as the extra effort required is certainly worth the peace of mind.

Visit Google’s documentation for more information about two-step verification.

Christina Bonds

Christina Bonds is an Application Specialist in the Web Technology department at Elon University.

More Posts

This entry was posted in Security and Safe Computing. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>