Learn how to install and enable multi-factor authentication for your emails and applications.
Usernames and passwords can be guessed or even cracked by determined attackers. One of the best ways to help protect your account access is to use an additional authentication method other than a password. Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA) provides this additional authentication method.
A method often used and recommend is the use of an authenticator application. The app such as Google Authenticator, Microsoft Authenticator and Authy (Twilio) run on the user's mobile phone.
When a user attempts to log in, they are prompted as usual for the their username and password, however, they are also required to provide a pin number. The pin number shown on the authenticator application is updated every 20-30 seconds. Only the mobile phone and account owner can access the pin code.
This additional level of authentication significantly improves security and reduces the likelihood of unauthorised access occurring. If the account password is stolen or established by a hacker / attacker they will still not be able to access the account unless they also have access to the user's mobile phone.
SMS MFA: Some services offer a similar method whereby the code required to access a service is sent via text (SMS) to the users mobile phone. This methodology is considered less secure than the application based authentication and there are known vulnerabilities.
Example from Authy:
