What is Two-Factor Authentication?
Two-Factor Authentication is a very secure way to protect your online accounts. It requires you to identify yourself using two different things when you log in to a site. The second factor is tied to something you have (like a cell phone). So you can think of two-factor as something you know (your password) + something you have (your cellphone).
Regularly you use a username and a password to log in. With Two-Factor Authentication, you would use a username, a password, and a token. A token is a unique number that your cellphone generates and constantly changes. Because only your cellphone can cause that number and only you own the cellphone, even if someone could guess or steal your password, if you enable two-factor Authentication, they wouldn’t be able to hack your account without stealing your cellphone too.
This means that if your password is accidentally leaked to the outside, other people can access your account easily. To prevent this from happening, after successfully entering the password, the service providers will ask the user to enter the password for a second authentication.
This password will be temporarily assigned to one of the assets you own and have registered before, such as phone number, email... So even if your password is leaked at the first authentication, The attacker is also unlikely to have access to your account. It sounds safer.
Some popular forms of 2-step authentication
Based on the above principle, the password for the second authentication will be assigned to an asset you own and that you have registered before. Specifically:
Mobile phone number
You own any mobile phone number. After entering the service password in step 1, the system will send a message containing a temporary password to the phone number you have registered. Now you open the phone, take that password and enter the second authentication step to log in.
Email
Similar to a phone number, the password will be sent to any registered email. Then you also open the email and get that temporary password to log in.
Two-step authentication app
This method allows you to authorize a reputable third-party application, such as Google or Authy ... to generate a password for the second authentication step. For you to better understand this authentication method, I will introduce in more detail the Google Authenticator authentication method in the next section.
Why is 2-step security important?
In this digital age, personal data is always lucrative prey for cyber attacks, especially in cryptocurrencies. There have been many cases where investors and traders lost their wallet accounts due to not applying two-step authentication methods.
Although two-step security is generally not a completely secure form of security, it helps to maximize the protection of trading accounts and e-wallets of investors and traders. Even if your password is leaked, it will be difficult for others to access your account directly.
What is the Google Authenticator 2-Step Authentication App?
Concept
Google Authenticator is a mobile application created to provide temporary passwords for the second authentication step of online services. To use Google Authenticator, we need to note some of the following information:
The Google Authenticator app needs to be installed on the phone you own. It doesn't make much sense if you install it on someone else's phone.
The Google Authenticator app must be authorized for the services. It would be best if you had two-step authentication—details of how to grant permissions we see in the next section.
Mechanism of action
Based on the diagram I described above, the working mechanism of Google Authenticator will be in step two of the overall authentication process. Specifically:
Step 1: The user logs into the service as usual. Then the Service (Facebook/Email) will ask the user to enter the password for the second authentication.
Step 2: Users use the Google Authenticator application to get a temporary password for the corresponding service. Then use this temporary password to conduct the second authentication. If true, the authentication is successful, and vice versa.
Note:
The Google Authenticator app must be registered with a service requiring two-step authentication.
The password in Google Authenticator is temporary (only used once) and constantly changing. Therefore, do not use the Google Authenticator password as the primary password to log in.
Hope the above information is helpful to you!