Everyone needs a password manager. It's the only way to maintain unique, hard-to-guess credentials for every secure site you and your team access daily.

And even with reasonable policies in place (complexity, changed regularly, not reused), people are still the weakest link in the security chain. Social engineering can convince even intelligent people to enter their credentials on a phishing site or give them up over the phone.

The solution is two-factor authentication, or 2FA. (Some services, being sticklers for detail, call it multi-factor authentication or two-step verification, but 2FA is the most widely used term, so that's the nomenclature I've chosen to use here.)

A 2019 report from Microsoft concluded that 2FA works, blocking 99.9% of automated attacks. If a service provider supports multi-factor authentication, Microsoft recommends using it, even if it's as simple as SMS-based one-time passwords. A separate 2019 report from Google offered similar conclusions.

In this article, I answer some of the most common questions people ask me about 2FA.

How does 2FA work? Isn't it inconvenient?

Turning on 2FA for a service changes the security requirements, forcing you to provide at least two proofs of identity when accessing a secure service for the first time on an unknown device.

Smartphones have become ubiquitous, making them ideal security devices. Your smartphone can assist with authentication by providing a unique code that you use along with your password to sign in.

You can acquire that code in one of two ways: sent as a text message from the service, or generated by an app installed on your phone. (Some services also allow you to approve a push notification on your smartphone.)

The dialog box shown here, for example, is what I saw moments ago when I tried to sign in to my Gmail account from a browser I had never used before. If someone tries to sign in to an account protected by 2FA, they'll need a second proof, such as the code from an authenticator app.

If this sign-in request were from someone who had stolen my Google account credentials, they'd be stopped dead in their tracks. Without that code, they can't continue the sign-in process.

Most (but not all) services that support 2FA offer a choice of authentication methods. Google and Microsoft, for example, can both push notifications to a trusted device; you tap the notification to approve the sign-in. An increasing number of services support the use of hardware security keys (see: "YubiKey hands-on: Hardware-based 2FA is more secure, but watch out for these gotchas").

And, of course, most services offer the option to print out backup recovery codes, which you can store in a safe place and use in the event your usual secondary authentication method is unavailable. If your smartphone is lost, stolen, or damaged, you'll need those codes.

The best authentication method is the one you're most comfortable with. Just make sure you have at least two options, to avoid the risk of being locked out of your account.

I prefer the option to use an authenticator app rather than receiving codes via text message whenever possible, and so should you, for two good reasons. The first is a matter of simple logistics.