Over the past year, more than 80% of Ukrainians surveyed have experienced online fraud. Two-factor authentication (2FA) is one of the fundamentals of cyber hygiene that strengthens the protection of data and accounts of users. This is extremely important in the face of unprecedented online activity by cybercriminals.

The Diia.Osvita platform explains that installing two-factor authentication is like locking a door with two locks or having a plan B in case plan A doesn’t work. If an unauthorized person tries to access your accounts, it will signal the danger. What are the features of such a security system, why do you need it, and how do you install it?

Two-factor authentication: how to protect your data in the age of cyber threats

What is two-factor authentication and why is it needed

Two-factor authentication is an additional layer of protection, in addition to a password or PIN, for credentials, financial assets, and all important online accounts. When logging in, it will require two different types of proof of user identity, which will make unauthorized access to services much more difficult. The relevance of 2FA is driven by several important factors:

  • Growth of cyber threats. A survey by Rakuten Viber found that 81% of 35,000 users surveyed had experienced cyber fraud. 82% believe that the number of online frauds has increased significantly over the past year. Instead, 2FA creates an additional barrier for criminals.
  • Збереження конфіденційності. Two-factor authentication protects against the leakage of personal data, including bank details, email addresses, and phone numbers, which are of great value to fraudsters. 
  • Protection of financial assets. 2FA provides an additional layer of security for online banking and electronic payments.

The essence of two-factor authentication is that the system uses two security factors. Usually these are:

  • knowledge factor – password or PIN code;
  • possession factor – a physical device, such as a smartphone or a code received on it;
  • property factor – biometric data, such as fingerprint, face, voice, retina recognition, etc.

Among the advantages of 2FA is the ease of use of, as modern security systems are intuitive. It is also very convenient that two-step verification is available for most popular online services (Facebook, Telegram, Google, etc.).

The most common methods of two-factor authentication:

  • SMS message. A one-time code will be sent to your phone number.
  • Physical key — is a special USB device that generates one-time codes.
  • Backup recovery codes — is a set of codes that will be the only way to log in to your account if you lose your phone and have no trusted devices. The corresponding option can be found in the two-factor authentication settings window. There are ten eight-digit codes, each of which can be used once. They can be printed, downloaded as a file, or rewritten and stored in a safe place.
  • Code generator (authenticator) — is a special application (e.g., Google Authenticator, Microsoft Authenticator) that can be installed on a smartphone. It will generate second-factor codes directly on the device without a connection to a mobile operator.

Two-factor authentication: how to protect your data in the age of cyber threats

How to set up two-factor authentication: instructions
  1. Log in to your account in the desired service. You can usually find the 2FA settings in the Settings, Security, or Account section.
  2. Select Two-factor authentication, which can also be called Two-step verification, Additional verification, etc.
  3. Click on the appropriate button to activate this feature and follow all the steps that the system prompts.

Here are examples of how to set up 2FA on several services.

How to set up two-factor authentication in Google:

  1. On the Chrome browser home page or in the Gmail window, click on the user’s photo and then click on “Manage your Google account.”
  2. “Security – How you sign in to your Google account – Two-step verification.
  3. Enter your password to make sure that it is really you.

How to set up two-factor authentication in Telegram:

  1. In the application, click on the icon with three lines.
  2. Select Settings – Privacy and security – Two-step verification.
  3. Enter your password, which will be required every time you log in from a new device in addition to the SMS code.
  4. Click “Save”.

How to set up two-factor authentication on Instagram:

  1. On your smartphone, click on your avatar in the lower right corner.
  2. Next, tap the icon with three lines in the upper right corner – Account center – Password and security – Two-step verification.
  3. Select the desired account if you have more than one.
  4. The system then prompts you to choose a method of protection: download an authentication app that will generate a one-time code when you log in, or send a code via SMS or WhatsApp. Then follow the instructions.

Two-factor authentication: how to protect your data in the age of cyber threats

It is also important to understand that two-factor authentication is not a panacea, and while it does enhance the security of your data, it is not 100% reliable. Hackers who obtain authentication factors can still gain unauthorized access to accounts.

However, 2FA is definitely more secure than password protection alone. Combined with other cybersecurity basics, you can achieve the maximum level of protection for your data.