What's Two-Factor Authentication (2FA), and how to start using it today

Carlos Solis

Two-Factor Authentication (2FA) has become a standard for improving account protection and access to services. The National Cybersecurity Center (NCSC) recommends 2FA for accounts that are high-value targets for hacker groups, such as those of system administrators and of people working in government, the financial sector, and critical services.

What is 2FA, and how does it work?

In a nutshell, as the name suggests, two-step authentication adds a step beyond the password when a user authenticates, eliminating the risks associated with a compromised password.

If a hacker captures or guesses a weak password, the password alone is no longer enough to enter the system, because the attacker also needs approval from the second factor, which usually changes over time or depends on manual confirmation.

There are many different authentication methods, but in general, they all work similarly:

  • First, the user enters their name and password.

  • Then, the password is validated on a server, and the user becomes eligible for the second factor if it is correct.

  • An authenticator service generates and sends a unique code to the user, usually to his email or a separate application.

  • The user confirms his identity with this code.

  • Upon successfully entering both identification factors, the user can access the system.

Authentication software

As mentioned above, part of the secret to making a second authentication factor secure is that it generates a unique code and sends it to the user through a channel completely independent of the original system, making it difficult for a potential attacker to intercept that confirmation.

To ensure the generated code is valid, the authenticator must be synchronized with the site that sends the request, usually by scanning a QR code. This creates a key so that the generated codes apply only to that specific service and are valid only for a limited time.

Among the most popular programs to generate authentication codes are:

Google Authenticator (Recommended)

It is completely free, functional, and has a large user base. In addition, it supports multiple accounts and is easy to use.

It is available for Android, iOS and even as a Chrome extension.

LastPass

LastPass Authenticator is an additional, independent module of the popular password manager. You can download it for Android and iOS.

1Password

1Password is a popular password manager with built-in authentication and code generation for 2FA. Even in its desktop version, it can read QR codes from the screen. If you already use 1Password, you only need to activate this functionality.

Microsoft Authenticator

Finally, if you prefer Microsoft's alternative, you can use Microsoft Authenticator, which has good encryption and security support and is available for Android and iOS.

Enabling 2FA in Modyo

Modyo has native support for two-step authentication; activating it only takes a few minutes.

For administrators:

Any administrator of a Modyo system can force every user to use two-step authentication with the option found in the Settings > Security section.

[Image: two factor authentication option]

Once this option is enabled and saved, all system users can access it only through a two-step authentication process.

For users:

Once an administrator enables two-step authentication, you have to:

1 - Download one of the authenticators mentioned above. If you don't know which one to use, Google Authenticator is the best option.

2 - Log in with your username and password.

3 - Scan the QR code the system shows you to synchronize your authenticator with Modyo.

[Image: setup authenticator]

4 - If this is the first time you are performing the process, you must re-enter your username and password to verify your identity.

5 - When the system asks for it, you must enter the code generated by Google Authenticator for the site you are working on. Be careful: if you take too long, a new code will be generated, and you must enter the most recent one.

[Image: authentication code box]

Now your site is protected from third-party attacks and password loss.



Photo by Lianhao Qu on Unsplash.
