What is 2FA? – Source:davinciforensics.co.za

Two-Factor Authentication (2FA) is a security process that adds an additional layer of protection to your accounts by requiring two different types of credentials to verify your identity before granting access. It ensures that even if one of the factors (like your password) is compromised, unauthorised access is still prevented because the attacker would need the second factor.

The Two Factors

1. Something You Know:
   • This is typically your password or PIN.
2. Something You Have:
   • A physical item or a code generated by a device you own. Examples include:
     • A smartphone with an authentication app (e.g., Google Authenticator, Authy).
     • A text message (SMS) with a one-time code.
     • A hardware security key like YubiKey.
3. (Optional Third Factor in Multifactor Authentication—MFA) Something You Are:
   • Biometric verification like a fingerprint, facial recognition, or voice recognition.

How It Works

1. You enter your username and password on a login screen.
2. A second prompt asks you to verify your identity using the second factor. For instance:
   • Enter a code sent to your mobile device.
   • Approve a push notification.
   • Use a biometric scanner.
3. Only after both factors are verified, you gain access to the account.

Benefits of 2FA

• Enhanced Security: It significantly reduces the risk of unauthorized access, even if your password is stolen.
• Ease of Use: Many 2FA methods, such as authentication apps, are simple and quick to use.
• Versatile: Protects a wide range of accounts and systems.

Examples of Use

• Online banking
• Social media accounts
• Email platforms
• Corporate VPNs or systems

2FA is a crucial tool in protecting personal and business information from cyber threats.

Step-by-Step Instructions to Use Google Authenticator

Google Authenticator is a two-factor authentication (2FA) app that generates time-based codes for added security. Follow these steps to set it up:

Step 1: Download the App

1. Open the App Store (iPhone) or Google Play Store (Android).
2. Search for Google Authenticator.
3. Download and install the app.

Step 2: Log in to the Account You Want to Secure

1. Go to the website or app of the service (e.g., Google, Facebook, etc.) you want to secure.
2. Navigate to the Account Settings or Security Settings.
3. Find the option for Two-Factor Authentication (2FA) or Set Up Authenticator App.

Step 3: Link Your Account to Google Authenticator

1. On the service’s 2FA setup page, choose Authenticator App as your method.
2. You’ll see a QR code displayed on the screen.

Step 4: Open Google Authenticator

1. Launch the Google Authenticator app.
2. Tap the + button (usually in the bottom-right corner).
3. Choose Scan a QR Code or Enter a Setup Key:

• If scanning, point your phone’s camera at the QR code.
• If entering manually, type the key provided and the account name.

Step 5: Verify the Code

1. Google Authenticator will generate a 6-digit code for the linked account.
2. Go back to the service’s 2FA setup page and enter the code to confirm the link.

Step 6: Save Backup Codes (Optional but Recommended)

1. Most services will provide backup codes during setup.
2. Save these codes in a secure place. They can be used if you lose access to your Google Authenticator app.

Step 7: Use Google Authenticator for Login

1. Whenever you log in to the secured account, open the Google Authenticator app.
2. Enter the 6-digit code displayed for that account. (Codes change every 30 seconds.)

Important Tips

• Google Authenticator does not sync across devices. If you change phones, transfer accounts using the app’s Export Accounts feature.
• Always keep backup codes in case you lose your phone.

With Google Authenticator, you’ve added a strong layer of security to your accounts!