![[IMG]](https://forums-images.oneplus.net/data/webimg/2022/01-26/61f1605f2ea02.png)
(Edit: me)
Hi mates!
Today we're addressing a topic that is as huge and important as it is underrated – Security.
You probably already know how this works from the movies: Big bad hackers get access to someone's account and then wreak havoc. But we're sooo much cleverer, right? How can we make our digital wallets and identities more secure? Simple. By using Two-Factor Authentication (2FA).
In short, 2FA is an added step in your log-in process to better ensure that your accounts stay safe. So, in case your password gets compromised, your account will still be secure.
I think over 90% of you are already using 2FA in one service or another, maybe without even realizing it, through something called SMS 2-FA. This method generates a disposable code sent to our phone number via SMS. Unfortunately, that's not the most secure way to protect ourselves for these reasons:
- The code is easy to peek at, possibly even on a locked device, depending on your settings;
- The SIM can be removed and used on another device to read SMS;
- SMS with codes can be read by malware;
- SMS are not encrypted so they can be intercepted between the sender and you;
- Hackers can resort to SIM-swapping, a technique that uses social engineering in order to trick carriers into issuing a new SIM card for your number.
That attack is the reason why SMS 2FA is not as secure as you think and why it is considered insecure by security experts.
How can we solve the problem?
Software is here to help us! A 2FA authenticator app is the answer! Unlike SMS 2FA, these authenticators generate a one-time password (OTP) on your own device, greatly reducing the attack surface.
In most cases, a Time-based One-Time Password (TOTP) algorithm is used, meaning that the code constantly changes based on the current time. This means that, to access your account, a hacker needs not only a password but also a fresh OTP that is only available on your device. Another upside is that, since it's time-based, your 2FA authenticator still works offline.
So, the question that remains: How to start?
- Install the Authenticator App of your preference (I'll list below some of my favorites);
- Check the Security/Privacy settings of the website you want to protect (e.g. Amazon, PayPal, Facebook, etc.). You can find a list of websites and services that allow 2FA here;
- Choose the 2FA option and select App Authentication (or something similar);
- A QR Code will be shown by the website;
- Open your Authenticator App and add the new account by scanning the QR Code generated by the website;
- The app will now generate disposable codes every 30 seconds. You may be requested to validate the 2FA app by entering a code.
![[IMG]](https://forums-images.oneplus.net/data/webimg/2022/01-21/61eac93c08b04.png)
(Edit: me)
That's it! Now, every time you log in/purchase something online, you'll be asked to open your 2FA app and enter the disposable code it generates for you. (bye-bye SMS, bye-bye peekers).
Best 2FA Apps
Most websites and services use the TOTP algorithm, a standard supported by several apps. However, some platforms (e.g. Blizzard, Steam, Wargaming, and Adobe) need their own 2FA apps, because they're incompatible with other 2FA apps.
![[IMG]](https://forums-images.oneplus.net/data/webimg/2022/01-21/61eac6dfe743e.png)
(Edit: me. If you zoom on the tattooed arm you can read how 2FA boy loves OnePlus)
So, how to choose the best?
Search for "authenticator" on Google Play and the App Store, and you'll be spoiled for choice. But don't worry, I'm here to help you install the best and most secure one.
Even though they all do mostly the same job, we're giving them our accounts, our wallet...our soul.
Google Authenticator
Available here

Pros:
- Easy to use
- Supports WearOS
Cons:
Microsoft Authenticator
Available here

Pros:
- Easy to use
- Hide tokens
- The app can be secured by PIN/Fingerprint
- Online backup available through Microsoft Account
Extra:
Authy
Available here
Pros:
- Easy and stylish
- Easy multiplatform migration
- The app can be secured by PIN/Fingerprint
- Usable on Windows, macOS and Chrome
Cons:
- It needs a phone number to sign up
As we've seen together, a 2FA app should be a must-have on our smartphones! I feel more secure and at peace when I use it during online purchases. But remember guys, the best security tool is our brain! If you fall for phishing schemes, 2FA will not protect you.
Now it's your turn to share below if you have ever used a 2FA authenticator, and tell the rest of the Community which one is your favorite authenticator (and why)!
Cheeeers!
Credits: All the App screenshots have been taken from Google Play
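
Added example, not part of the original post: the TOTP scheme described above (RFC 6238 with HMAC-SHA1 and 30-second steps), showing both the code an authenticator app derives from the shared secret and the check a service runs on it. The 6-digit length, the one-step drift window, the replay check and the function names are assumptions made for this illustration; the demo key is the published RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds per code, the interval mentioned in the post
DIGITS = 6   # assumption: the common 6-digit code length

# Published RFC 6238 test key ("12345678901234567890" in base32), not a real secret.
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, at=None, step=STEP, digits=DIGITS):
    """Code an authenticator app shows at Unix time `at` (default: now)."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))   # restore stripped padding
    counter = int(time.time() if at is None else at) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, at=None, window=1, last_used=None):
    """Service-side check (hypothetical helper).

    Accepts codes from `window` steps either side of the current one to
    tolerate clock drift, compares in constant time, and rejects any code
    whose time step is not newer than `last_used` (replay of a seen code).
    Returns the matched step counter, or None if the code is rejected.
    """
    now = int(time.time() if at is None else at)
    current = now // STEP
    matched = None
    for counter in range(max(0, current - window), current + window + 1):
        expected = totp(secret_b32, at=counter * STEP)
        if hmac.compare_digest(expected.encode(), str(submitted).encode()):
            matched = counter
    if matched is None or (last_used is not None and matched <= last_used):
        return None
    return matched


if __name__ == "__main__":
    print("current code:", totp(DEMO_SECRET))
```

Both sides compute the code from the shared secret and the clock alone, which is why the app keeps working offline; a service that stores the returned counter as `last_used` ensures a code observed once cannot be accepted a second time.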