Video – VLog #28
What does two factor authentication mean and why we need it?
What is Two-Factor Authentication (2FA) and How Does It Work?
What does two factor authentication do?
Script – VLog #28
Willie Nicol: Hello everyone its Willie Nicol, the Techno Dinosaur here with another vlog with my partner in crime David Logan. I am the techno dinosaur but also a personal and development life coach. I am based in Troon, South Ayrshire, Scotland. So, hello David. How are you? And, where are you?
David Logan: Hi Willie I’m good, for today. I am the IT geek, the person who takes the jargon out of technology for the home worker and gives them the technology to work efficiently. I am based here in Annan, South West of Scotland.
Willie Nicol: Fantastic David. Thank god you’re here because I’ve an IT type question for you. Are you ready?
David Logan: I am ready.
Willie Nicol: My email provider has messaged me to say that I now need to introduce two-step authentication before I can access my emails. So, I’d like you to explain to myself and the listeners what that is and why we need it?
David Logan: Okay, so, in our industry we say two-step authentication. That generally is two-factor authentication so that means, it’s, I think we’re on the same wave length, are we? Two-factor authentication?
Willie Nicol: Yup.
David Logan: Perfect, so, two-factor authentication. Normally when we log online: shop, email, banking, up till a year or two ago the normal log in process is an email and a password or a username and a password. That’s all on one device, whether it’s tablet, phone or computer. Okay? But what two-factor authentication is, shortened to two F.A. That’s number two, F for foxtrot, A for alpha.
David Logan: Which generally is, it’s getting a code from another device. So, if you log into your email on your computer if you invoke two-factor authentication you type in your email address and your password and then it would say: ‘check your phone, we have just sent a code to your phone.’ Assuming you set up your phone as a device for the two F.A code.
David Logan: Now banking, I talked about banking there, they’ve been one of the early introducers and forced the end-user, most owned business accounts rather than personal accounts, two F.A authentication. So, that basically generally can be, same as we talked about, type in your user ID and your password then it’ll say, ‘check your keypad and type in your 6-digit code into this box.’
David Logan: In a nutshell, two-factor authentication is: type in your log in credentials and you get a code on another device. Is that okay? Does that explain it?
Willie Nicol: Yes, it does. It has happened to me on my personal online banking. So, what is the purpose of it and what benefits does it bring?
David Logan: Okay, so, I’m going to turn the question on its head, back to you. What is the purpose of having a username and a password?
Willie Nicol: So they know it’s you.
David Logan: Yes. But, if you type that into one device, if somebody gets those details, can they get into your account?
Willie Nicol: Assuming they have the details, I assume so, yes.
David Logan: Now, if we give you a code via another device, will the hacker have that other device?
Willie Nicol: I assume not.
David Logan: Hence the reason we’re beefing up the security. Reducing the chances of compromise of your account. Doesn’t matter if it’s your online shop, your banking or your email. I’ve got a real-life experience for you… unless you’ve got another question?
Willie Nicol: No, just in a nutshell it’s another layer of security then?
David Logan: Yes. So, the real-life experience is myself, even as an IT geek. We both use LinkedIn and LinkedIn don’t force it yet, but this goes for all social media channels, Twitter, Facebook, YouTube, it’s even into your social media management accounts. They’ve all got that option to set up two-factor authentication.
David Logan: Going back to my example, I, for whatever reason, my password had been changed for LinkedIn, I was getting notified. I’d it set up with LinkedIn to notify me when my password was changed, amongst other things. And for a period, that kept happening. I would change it, go through my phone get a code type it in, yes, you’re the legit owner of that LinkedIn account, then give it two- or three-days’ time, password had been changed again.
David Logan: So, I went through the whole rigmarole. This went on for two or three weeks, so I thought, right, I’ve had enough, I’m going to dig into LinkedIn. I had to dig in to see if I could set up another layer of security and this is where I got the two-factor authentication. I applied it, now, no password change unauthorised now. It’s all stopped.
Willie Nicol: Good.
David Logan: So, whoever was comprising my account, they weren’t to my knowledge, doing anything bad to my account but obviously they had access to my LinkedIn account, and they were managing to change that password.
Willie Nicol: Okay, which kind of, with my former detective head on, how did they manage to get your log in details?
David Logan: Good question but now it has all stopped. Now what it is maybe behind that is that I had multiple email accounts attached to the LinkedIn account. Now, I think it’s a combination of two-factor authentication and the multiple email accounts. Reduction of those and the two-factor authentication increases security, reduces the access for hackers to get in.
Willie Nicol: So, all good in the end then?
David Logan: Absolutely. And I’ve been about a good month now, coincides with the coffee month, coffee free month, where we have had no reset.
Willie Nicol: Thank you David. That’s answered my question and hopefully shone a light for the other viewers on the 2FA situation.
Willie Nicol: So, given that we’re probably near our time, I’m going to say goodbye. So, to the viewer, David will tell you what you need to know now. So, from me Willie Nicol, the techno dinosaur aka the life coach, stay safe, keep well, bye for now.
David Logan: Great, thank you Willie. Fantastic question you asked me there. I appreciate your time. Fantastic. I love answering your questions when you get struggling. Two factor authentication is a brilliant question.
To the viewer, two weeks’ time Willie has got to ask me another question, can you fire that question to us by message or by comments?
David Logan: Please follow us on YouTube. We are still looking for our one hundredth subscriber, please …. down here. Subscribe. YouTube subscribe. We’ve got a prize for the one hundredth subscriber. We’re on Twitter, Facebook and LinkedIn, feel free, reach out to us.
David Logan: If technology is getting you angry, speak to us. Either Willie for stress management or myself for the technology side. Last but not least, be safe and stay healthy. Have a great weekend all, thank you.