Beginners guide to two-factor login

Mar 6, 2019

You’ve probably come across two-factor logins while browsing and purchasing online. While not used universally (quite yet), it’s quickly becoming a security standard, with the extra level of security proving reassuring for users.

Two-factor login is the process of using two different logins, such as a password and a code sent to your phone, to get access to a password-protected service. It’s common when the site in question contains personal and sensitive information such as phone numbers or payment card information.

An example of practical use of two-factor login is when you withdraw cash from a cash machine. You need the card (Factor 1) and PIN Number (Factor 2) to complete the task of withdrawing money.

Why use two-factor login?

The extra layer of protection gives better security for your login credentials when browsing online. Using both the normal login (username and password combo), and the additional security of a code sent through text or email, gives the extra factor of safety that’s becoming increasingly important when browsing online. 

Here’s how two-factor login works:

Other two-factor pages may look different, but the majority follow a similar basic structure.

Navigate to the site you wish to log on to. Enter your login credentials – this will be a username and password combination. 

On the next page, there’s a space to add an additional code. Where this code comes from depends on the settings the site, and what the user has set up. Usually, they come through as a text message or email. 

When the user enters the code, the two-factor process is complete.

On the second picture, there is an option displayed that allows the user to tick a box which indicates that they would like to ‘trust’ the device. By doing this, you remove the need to use the two-factor authentication process, instead just using the basic username/password combination. Removing the two-factor is good when you use the device regularly, as it makes the login process more straightforward. 

Don’t tick this box if the device you are using is a public computer, or if you are logging into a site that has personal or payment information on it. 

Two-factor authentication is fast becoming a standard part of securely browsing and purchasing online, and Liquidshop highly recommends that you add the feature to your website.