Understanding the Different 2 Factor Authentication Types
June 1st, 2022

Activating 2FA, or two-factor authentication, is paramount to securing your online services. Today, almost every site that requires a log-on process urges its users to enable 2FA.

For many people, 2FA is an SMS with a pin or code that you have to enter right after your username and password in order to access your online account, including your Facebook, Twitter, or Google accounts. Now, everyone recommends that you accept that extra step. And most of us dislike that process—perhaps without knowing its importance.

2FA is one of the oldest security measures that you can use to verify your identity in the real world, when interacting in a virtual space.

What is 2 Factor Authentication?

2FA is a specific type of MFA (multi-factor authentication), which strengthens access security by using two methods to verify one’s identity. The methods are known as authentication factors. These factors include things such as usernames and passwords, plus something else such as a smartphone app.

2FA protects you against social engineering, phishing, and password brute force attacks. Also, it safeguards your logins from cyber attackers who exploit weak passwords or stolen credentials.

Types of 2 Factor Authentication

If the online site you use only requires you to log on using a username and password and it doesn’t provide 2FA, there’s a significant chance that it’ll be hacked eventually. However, that doesn’t mean all 2 Factor Authentication types are the same. Many types of 2FA are in use today; some are stronger or more complicated than others, but they all provide more protection than passwords alone. 

To use 2FA, users must enter two of these three things to gain access to their online account:

  • The answer to a previously chosen question such as your father’s middle name or the name of your first pet
  • A code that has been sent to your smartphone or email account or one generated by software designed for the purpose
  • Some form of biometric such as a face or retina scan, fingerprint, or voice print

Two-factor authentication implementation using a code sent to or generated by something you have, such as a smartphone or software, is the most common method. There are several types of 2FA under this category, including:

  1. 2 Factor Authentication Via SMS

This is a frequently used method to implement 2FA. Using this method, a secret one-time code is sent to your mobile number as an SMS text message, which allows you to verify your identity after successfully entering your username and password.

Advantages:

  • User-friendly and easy to implement.
  • Because 2 Factor Authentication is implemented through SMS, every user can leverage this security feature, even those users with a non-smart phone.

Disadvantages:

  • 2FA via SMS requires that you disclose your phone number to a third party, the 2FA provider. This makes some people uncomfortable because it raises concerns about personal security, privacy, and being targeted for advertisements.
  • 2FA via SMS requires a mobile phone that can receive SMS text messages. If your phone is damaged or missing, or there’s no cell reception, you may not receive your security passcode.

  2. 2 Factor Authentication Via Phone Call

Using this type of 2 Factor Authentication, users receive a verification passcode by phone after successfully entering a correct username and password. Just like 2FA via SMS, phone call verification is convenient and easy to use.

Advantages:

  • User-friendly and easy to use
  • Because 2FA is implemented through a phone call, everyone can leverage this security feature, even users with a non-smart phone.

Disadvantages:

  • Just like SMS verification, cell reception is a key factor in receiving your passcode.
  • Also, if you lose your phone or SIM, you won’t receive your passcode.
  • Hackers can clone your SIM card and access your online account. However, this rarely occurs.

  3. 2 Factor Authentication Via Email

2FA through email verification is another popular method that people use to gain access to their online accounts. Just like SMS or phone call verification, you get a secret code or a one-time passcode in an email to verify your identity. Sometimes, instead of a code, you are sent a unique link in the email that will also grant you access to your online account.

Advantages:

  • Easy to use and user-friendly
  • You can use this verification method on both your phone and computers.

Disadvantages:

  • Unlike a phone call or SMS verification, you’ll need the internet to receive your 2FA passcode.
  • Email delivery is another fundamental problem. Chances are that the email will go to your spam folder or get lost because of server problems.
  • If hackers compromise your email account, they can easily gain access to your social accounts that use email 2FA, too.

  4. 2 Factor Authentication Via Biometric

Generating 2FA passcodes using biometrics is quite different from any of the methods outlined above. With biometric 2FA verification, the actual user becomes the passcode or token. Yes, your voice, retina, facial recognition, or fingerprint becomes the 2FA verification token that enables you to verify your identity and gain access to your account.

Advantages:

  • Most secure 2 Factor Authentication method.
  • Since you’re the 2FA token, this makes this verification method user-friendly.
  • No Internet access is required.

Disadvantages:

  • Storage of your biometric data on third-party servers poses privacy issues.
  • To use this 2FA method, you must have special equipment, such as a camera or scanner.

  5. 2 Factor Authentication Via Software

2FA using apps or software is a little more advanced than other 2FA methods, and it’s becoming quite popular. To use this method, you need to install an app on your smartphone or computer to receive the 2FA passcode. This application dynamically generates tokens for you that are valid for a short period. So, after a successful log on, open the app to get the passcode you will then enter to gain access to your account.

Applications, such as Authy, Microsoft Authenticator, and Google Authenticator are examples of 2FA software.

Advantages:

  • Easy to use and user-friendly.
  • Your passcode is auto-generated using the authenticator app, so you don’t have to wait to receive a passcode through SMS or email.
  • Some authenticator applications, such as Authy, work both on smartphones and computers. Thus, even if you lose your phone, you can still get your 2FA passcode by using the application on your laptop.

Disadvantages:

  • Not available to everyone because it requires an additional computer or smartphone.
  • Any person who accesses your computer or smartphone can compromise your account.

Final Thoughts

No matter the type of 2FA you decide to use, it’s essential in ensuring better protection for your accounts instead of relying on usernames and passwords alone. Sadly, the right combination of technical expertise and confidence tricks can compromise even the most secure systems. However, for most people doing a normal log on, 2FA can make a significant difference.

For further reading, check out our other articles like MFA Requirements for PCI Compliance and Why OAuth Is Better Than Basic Authentication.
