The Basics of Two-Factor Authentication (2FA) – Keeping You Safe Online

When it comes to keeping you and your information safe online, most people are familiar with the use of a username and a password to keep information private. It’s best practice to ensure that passwords are complex, meaning they typically will need to include more than 8 characters and a combination of upper and lowercase letters, numbers, and even special characters (like @#$%&*(&). This is a process that most people are quite familiar with and, we would be willing to bet, you probably have more usernames and passwords than you can even remember!

Usernames and Passwords May Not Be Enough!

With the increase in fraud and cybercriminals becoming more crafty, getting access to user name and password data, over the past couple of years there has been a growing trend in the utilization of two-factor authentication (2FA), sometimes referred to as multi-factor or two-step login. In this scenario, you leverage an external device such as a mobile phone or an authenticator app, to provide you with a one-time expiring code that you have to enter after you’ve successfully provided your username and a password.

At the basic level, you can register your mobile phone and when you log into a site that supports SMS text based 2 Factor authentication, you will be texted a number that will be good for one use, and has to be entered into the field on your login screen asking you for your special code. Once that number is entered into the screen, your login process is completed and you will be successfully logged in. The great part about this is even if somebody gets your username and password information, unless they have your mobile device, they’re not going to be able to get logged in.

Be Sure To Lock That Door!

Think of 2FA as the deadbolt on the front door of your house. While you may have a screen door with a lock on it, that’s a pretty easy door to get through – even if it is locked. That’s why you want to lock the “main door” of your house to keep out unwanted visitors. So, even if you have your screen door locked, you could hear somebody trying to get through that big oak door with the deadbolt flipped! If that’s the case, you know someone got through that screen door and is trying to break into your house!

It’s that same level of awareness when you get a text message with a one-time code (but are not trying to login to your account at that time). The arrival of the code is an alert to you that someone has your username and password (they broke through that screen door) and wants to get into your “digital house”.

The unfortunate reality is that data breach activity is happening all too frequently, at sites like Yahoo, Home Depot, Facebook, Marriott, Experian, LinkedIn, Equifax, eBay and others. If you are using the same username and password on a site that experiences a breach and your username and password is stolen, that puts you at risk for any other accounts where you’re using the same combination! When somebody gets access to a username and the password combination, they will start to use automated bots that will scour the Internet for other popular accounts and try those combinations of usernames and passwords to see if they can break in. However, with 2FA enabled, you can stop the bad guys before they get into your account and start causing trouble.

Getting Started…

The good news is that Casey State Bank’s Online Banking service provides you the ability to utilize 2FA as part of the login process to help keep your account information safe and secure. We encourage all of our customers to set up this feature and you can find more information about how to do this from within your online banking service, or contact us and we’ll be happy to walk you through the process.

We also recommend taking an inventory of any of the websites that you have a username and password for, and checking to find out if they support 2FA. The good news is, almost every social networking site out there provides the ability for you to protect your account with 2FA. You can also visit a site like https://2fa.directory/ that allows visitors to enter the names of sites to check and see if they support this feature.

Stay safe out there and enjoy your newfound knowledge on how 2FA works (and how it keeps you safe and secure)!