Messente avatar logo

What is 2FA and why should you use it.

- 5 MIN READ - 23 Aug 2016

Past years have raised quite a few alarms for a lot of people and making them question the level of security of their online data. Just recently over 100 million LinkedIn usernames and passwords stolen in 2012 appeared online and one of the largest online dating sites AshleyMadison.com suffered a large scale breach with 25GB of critical data including user information was stolen. These are just two out of too many hacks that clearly demonstrate how easy it is to take control of your personal data.

This is where 2FA, or Two-Factor Authentication, mitigates the threat and although not 100% safe, it adds another solid  layer of security to your online data and makes it so much more difficult for the villains to hijack your email account or steal your private information online.

So what exactly is Two-Factor Authentication (2FA)?

Two-Factor Authentication is a method of authentication that uses two different layers of security to identify you online. When you type in your username and password you are using the first layer of authentication, the second layer is independent of the first one and is used to vastly decrease the risk of your account falling into the wrong hands.

One of the most used methods of 2FA is using an SMS PIN code delivered to your mobile phone. There are of course other methods like a personal key fob, a USB key or a fingerprint.

Telegram messaging app authentication code

Let’s take a closer look how PIN authentication actually works and why you should start using it ASAP.

Around 65% of people use a single password for multiple sites so if your log-in credentials get stolen from one site you are leaving the doors wide open for all your other accounts. It`s like opening your home and your office door when someone breaks into your car. Adding a second layer of security diminishes the possibility of using the stolen credentials to access your accounts.

SMS PIN authentication requires the bad guy to not only find a way to steal your username and password, but he also needs to steal your phone - not very likely that someone could get their hands on the phones of the 100 million LinkedIn users that were affected by data theft in 2012.

Yes, there are ways to intercept the PIN delivery or use a Trojan horse to interfere the communication between you and the website, but the cases of that happening are so much rarer.

When you log on to a website you are asked for a username and a password, once you successfully fill those fields the site automatically tells the SMS authentication service provider to verify the user by sending a PIN code to the number previously defined by the user. The PIN entry is then checked independently from the website you are trying to access and if the entered PIN matches the one sent via an SMS the website gets a green light to allow access to that specific user.

Messente phone number verification widget


So as we put more and more personal data online every day we can’t just rely on the good old password to protect our account. Stats show that 123456 is unfortunately still the most used password and most certainly the worst. Do yourself a favor and activate 2FA on sites that are already using it and if you have a business that is keeping any user data about your clients, please be responsible and keep them safe with 2FA.

Ivar Jaanus

Ivar Jaanus - Head of marketing

Ivar is the Marketing Manager in Messente with years of online and offline marketing experience from various industries. Most of his free time he spends on water kitesurfing.

An easy way to add more confidentiality - hiding SMS content

15 Aug 2017

In a previous blog, we discussed Flash SMS and how it’s used to ensure confidentiality with SMS messaging. Well, Messente’s API provides two more features that help hide message content:

  • Content no-store
  • Content hashing
Uku Tomikas

Uku Tomikas

Join us to learn how we're helping people #TurnOn2FA

01 Aug 2017

We’ve developed solid APIs for global SMS messaging and two-factor authentication, which are currently part of processes for hundreds of companies and facilitate thousands of transactions every day. Yet we aren’t stopping there. Effectively communicating with customers and securing customer account access online are two aspects of business technology we focus on. While there’s much more to business technology (much, much more,) these are the two areas which we strive to be the best.  

That’s why we keep developing our tools to address evolving needs in the areas which we specialize. 

Yuriy Mikitchenko

Yuriy Mikitchenko

Tools to avoid breaking the budget with SMS

01 Aug 2017

Getting the most bang out of each buck in a marketing communication strategy requires solids budget estimation. Yet when the budget is broken halfway through the month, the questions arise: How did this happen? How have we sent twice as many SMS messages than we should have at this point? Well, this is where the multipart SMS comes into play.

Uku Tomikas

Uku Tomikas

Start sending messages to

for € N/A

Contact us