2AF, also known as “two-step verification,” is an additional layer of security that you should activate in all your services.
It is increasingly common for online systems to be compromised (SegurCaixa Adeslas, Mapfre, Adif, etc.), with the attacker obtaining the users’ data who were using these systems.
Once the user data is obtained, the attackers try to reuse the credentials to access their emails, banks, or other providers; therefore, it is important NOT to reuse the same password for different services.
However, an additional layer of security prevents the attacker from accessing the victim’s accounts, even knowing their password: two-factor authentication, also known as 2AF.
This system generates a random code every 30 seconds, which only the legitimate user can consult through a mobile application, which must enter at each login. Since it is based on a dynamic system between the service and the user, it is quite difficult for an attacker to obtain such code:
More and more systems offer this type of security, and without a doubt, the most common ones already have it among their options. Some services that already allow the use of 2AF:
- amazon
- GitHub
- TeamViewer
- Snapchat
- Dropbox
- Evernote
- Slack
- Buffer
- Microsoft
- Discord
There are many more. To check if your provider uses two-step verification, go to the security settings and search through the different options. If in doubt, contact your provider directly for more information.
Some 2AF Solutions
Undoubtedly the most robust and secure solution of all those on the market. With the basic package, you can not only use its two-step verification system, but you also receive a complete security system that includes synchronized desktop applications or a secure password storage system for services that do not include 2AF, among other features:
Without reaching a system as complete as 1password, Authy allows us to save the 2AF credentials of all our services; it has a multi-device option and allows us to make backup copies of our double-factor accounts:
The One You Should NOT Use: Google Authenticator
Surprisingly, the Google app doesn’t have multi-device options or backups of your bindings. Nor does it ask for an access credential (or fingerprint) to access the application. If you lose your mobile, you will lose access to all the accounts where you have activated 2AF; or worse yet, if it is stolen, the thief will be able to access all your accounts.
Our advice is NOT to use the Google Authenticator app for 2-Step Verification for these reasons. If you are already using it, immediately migrate to any of the suggested options.