A Two factor authentication is a security setting most modern apps offer to add an additional layer of security to the password accessed accounts.
Without two factor authentication, if you are password was ever leaked. then you account will get compromised by people who have malicious intent behind it.
However, with two factor authentication enabled each time you or anyone else logs into your account, the software platform will ask you to enter a code to validate that this was a legitimate login made by the appropriate person.
In most cases, two factor authentication is done using the Google Authenticator app. However, in some cases, two factor authentication is implemented using an email or SMS, which is less secure than configuring it with Google Authenticator.
Email and SMS based two factor authentication is less secure for the simple fact, that emails and phone numbers are more prone to being hacked, or more accurately spied on, which compromises all accounts that use that email or phone number for authentication.
Real life example, I used to have a Microsoft account along time back. In one of the companies I was working I was encouraged by my colleague to log into my Microsoft account to share a document of some kind.
At that time, I didn’t have two factor authentication setup because I never really used that account frequently.
After I left the company, because of all the subtle questionable experiences that I had, I decided to ramp up my digital security.
I had an intuitive feeling that I had to take steps towards guarding myself digitally.
Guess what happen in 2 weeks, I started getting bombarded with two factor authentication messages from my Microsoft account, when I didn’t even log in.
This event confirmed a lot of my suspicion about the people I used to work with at the time.
This also made me wonder, if they did get access to it before I had setup the two factor authentication.
Needless to say, lesson learned, action taken, information shared in this article.