Messente avatar logo

What is 2FA and why should you use it.

Ivar Jaanus

23 Aug 2016 -

5 min read

Ivar Jaanus

23 Aug 2016


2 min read

Past years have raised quite a few alarms for a lot of people and making them question the level of security of their online data. Just recently over 100 million LinkedIn usernames and passwords stolen in 2012 appeared online and one of the largest online dating sites suffered a large scale breach with 25GB of critical data including user information was stolen. These are just two out of too many hacks that clearly demonstrate how easy it is to take control of your personal data.

This is where 2FA, or Two-Factor Authentication, mitigates the threat and although not 100% safe, it adds another solid  layer of security to your online data and makes it so much more difficult for the villains to hijack your email account or steal your private information online.

So what exactly is Two-Factor Authentication (2FA)?

Two-Factor Authentication is a method of authentication that uses two different layers of security to identify you online. When you type in your username and password you are using the first layer of authentication, the second layer is independent of the first one and is used to vastly decrease the risk of your account falling into the wrong hands.

One of the most used methods of 2FA is using an SMS PIN code delivered to your mobile phone. There are of course other methods like a personal key fob, a USB key or a fingerprint.

Telegram messaging app authentication code

Let’s take a closer look how PIN authentication actually works and why you should start using it ASAP.

Around 65% of people use a single password for multiple sites so if your log-in credentials get stolen from one site you are leaving the doors wide open for all your other accounts. It`s like opening your home and your office door when someone breaks into your car. Adding a second layer of security diminishes the possibility of using the stolen credentials to access your accounts.

SMS PIN authentication requires the bad guy to not only find a way to steal your username and password, but he also needs to steal your phone - not very likely that someone could get their hands on the phones of the 100 million LinkedIn users that were affected by data theft in 2012.

Yes, there are ways to intercept the PIN delivery or use a Trojan horse to interfere the communication between you and the website, but the cases of that happening are so much rarer.

When you log on to a website you are asked for a username and a password, once you successfully fill those fields the site automatically tells the SMS authentication service provider to verify the user by sending a PIN code to the number previously defined by the user. The PIN entry is then checked independently from the website you are trying to access and if the entered PIN matches the one sent via an SMS the website gets a green light to allow access to that specific user.

Messente phone number verification widget

So as we put more and more personal data online every day we can’t just rely on the good old password to protect our account. Stats show that 123456 is unfortunately still the most used password and most certainly the worst. Do yourself a favor and activate 2FA on sites that are already using it and if you have a business that is keeping any user data about your clients, please be responsible and keep them safe with 2FA.

Whitepaper: Impact of Two-Factor Authentication on data breaches

Ivar Jaanus

Head of marketing

Ivar is the Marketing Manager in Messente with years of online and offline marketing experience from various industries. Most of his free time he spends on water kitesurfing.

We're here to help you connect with your customers. Let's start talking.

Email again:

Further reading

Consider this in the bidding process - Part 2

16 Jan 2018

Continuing last week’s discussion around things that companies must consider when selecting a global SMS messaging...

Marcus Kallavus

2 min read

Consider this in the bidding process - Part 1

09 Jan 2018

Selecting an SMS provider from a pool of many can be daunting task. What should be considered when...

Marcus Kallavus

2 min read

Personalized support and why there is no way around it

02 Jan 2018

We often see client support packaged into software products, whether it includes general support tickets, to live chat,...

Uku Tomikas

2 min read

SMS boosts CRM services and it can't be overlooked

19 Dec 2017

SMS messaging has become an expected feature in customer engagement platforms, which involves communicating information to people. Even...

Marcus Kallavus

2 min read