Have you avoided protecting your online accounts with Two-Factor Authentication (2FA), also known as Multi-Factor Authentication (MFA)?
Maybe you are concerned that you will be locked out if you lose your phone that creates the 2FA codes you need.
Don't worry! You can create backups of your 2FA. How to do that is explained here.
Passwords Aren't Safe Enough
Strong passwords can’t be relied on anymore to protect you online. Passwords can be intercepted or stolen in data breaches and used to take your identity, money and sensitive information.
The most important accounts to protect are your password manager, email account and bank accounts. You need more than a good password to keep the criminals out.
How 2FA Protects You
With 2FA, you use more than just your password when you log into an account on the internet. Typically, you also enter a 2FA code from:
- An authenticator app on your mobile phone,
- A physical USB key,
- A phone call, and/or
- A text message.
Since cybercriminals don’t have your mobile phone or USB key, they can’t get your 2FA codes and can’t log into your account. (Warning: There are some ways to hack text messages.)
An example of using 2FA may be accessing your bank account online. After entering your login and password, you may receive a code in a phone call or text message that you need to continue into the bank website.
Note: 2FA is a subset of Multi-Factor Authentication (MFA), which requires a password and one or more added authentication methods.
2FA Backup and Recovery Options
But you ask, “What if I lose my mobile phone?”
Setting up multiple ways to recover from problems with 2FA may be easier than you think.
When you set up 2FA to work with one of your accounts, you are given one or more options. For example, my password manager, BitWarden Premium ($1 per month), gives me this list of 2FA methods:
- Google Authenticator
- Authy
- YubiKey OTP
- Duo
- WebAuthn
Recovery options vary from account to account, so I can’t give specific directions here on how to recover every 2FA . Know that the options are quite similar across accounts and are designed to be safe and easy.
The makers of 2FA options don’t want a zillion users bugging them to unlock their accounts, so simplicity is important to them, too.
For a common recovery method, you are given a list of Recovery Codes. If you lose or don't have your phone, you can use one of these codes in place of a 2FA code generated by your phone.
By setting up one or more recovery options for each of your accounts protected by 2FA, you can avoid being locked out. When setting up 2FA for each account, save your recovery codes and instructions in one or more safe places.
Tip: You may be prompted to use your phone to capture a QR code appearing on computer screen to set up 2FA. First, capture the QR code image with the Windows Snipping Tool by typing "snip" in the Search Box (lower left of your Desktop) or another screen capture utility. Save the image as a backup, naming if for the bank account or other account.
It is definitely worth the time you spend to set up 2FA and your recovery options. If only your logins and passwords stand between cybercriminals and your financial and confidential information, you are not safe.