Why is 2FA an Essential Part of Web Security
2FA is essential to web security because it immediately neutralizes the risks associated with compromised passwords. If a password is hacked, guessed, or even phished, that’s no longer enough to give an intruder access: without approval at the second factor, a password alone is useless.
2FA also does something that’s key to maintaining a strong security posture: it actively involves users in the process of remaining secure and creates an environment where users are knowledgeable participants in their own digital safety. When a 2FA notification comes to a user, they have to answer the question, “Did I initiate that, or is someone attempting to access my account?” This underlines the importance of security with each transaction. While most other web security methods are passive and don’t involve end users as collaborators, 2FA creates a partnership between users and administrators.
Since your account security is a priority for us, we also give players rewards for enabling 2FA. You can check them out here. For more information about what you can do to secure your account, please see our Account Security News post.
How Does 2FA Work
Different 2FA methods use varying processes, but they all rely on the same underlying workflow.
Typically, a 2FA transaction happens like this:
- The user logs in to the website or service with their username and password.
- The password is validated by an authentication server, and if correct, the user becomes eligible for the second factor.
- The authentication server sends a unique code to the user’s second-factor device.
- The user confirms their identity by approving the additional authentication from their second-factor device.
While the basic processes behind multi-factor authentication are generally the same across providers, there are many different ways to implement it, and not all methods are created equal. Let’s dive into the various types of 2FA.
Why Use 2FA
In the post-password world, strong web security relies on a dynamic approach built from a variety of tools and policies. It’s important to never rely on any single method for comprehensive protection. That means two things: (1) if you’re currently relying on passwords alone, it’s time to evolve, and using 2FA is a solid first step, and (2) 2FA is an essential security tool, but it becomes even more effective when it’s used as part of a coordinated strategy of security applications and policies.
How do I enable 2FA?
- Go to the ACCOUNT page.
- Click the PASSWORD & SECURITY tab.
Step 2: If you opt to use an authenticator app for 2FA, these common authenticator apps can be found in your mobile device app store:
- Google Authenticator
- LastPass Authenticator
- Microsoft Authenticator