What is 2FA? + How to enable two-factor authentication

On the Internet, which now reaches the whole world, security comes first. Two-factor authentication is one of the security options in the web world that greatly increases the security of your accounts.

In this post, we will explain everything you need to know about this method in simple language. Stay with Digital Currency.

What is two-factor authentication?

Two-factor authentication, or 2FA for short, is a way of logging in to an account in which the system, to make sure that the person trying to log in is the real user (and not, for example, a hacker), asks the user for two different factors for authentication.

These two factors are:

  1. What the system knows (like your password)
  2. Something that proves you entered the password yourself, not someone else. The second factor could be a one-time password that is separate from the password, or email verification or SMS verification.

In Persian texts, this method is also called two-step authentication or two-factor authentication.

In other words, with this method the user first enters their username and password; then, instead of immediately getting access to the account, they are asked to enter additional information to prove that they really own the account.

For example, if you enable 2-step authentication on your email (such as your Gmail account), then when you sign in you will be asked, in addition to your password, to confirm the sign-in request in another way.

The second factor can have different types, the most important of which are:

Information that only the user knows

This type of two-step authentication is information that is relevant to the user and the user knows it. For example, answering a series of private questions, or the pattern of tapping a specific key, etc. can be used as one of the authentication methods.

Things that the user has

Typically, a user can perform this authentication using one of the electronic devices at their disposal, such as a credit card, smartphone, or a small hardware device, also called a hardware token.

Physical information that the user has

This type of authentication is a bit more advanced as well as more secure and includes biometric patterns such as fingerprints, iris scans and other such authentications.

Why should we use two-factor authentication?

The proliferation of Internet use and increased attempts to hack users’ accounts have shown that passwords alone cannot secure an Internet account.

Here are some of the reasons why using a password cannot provide 100% security for users.

Simple and guessable passwords

According to a recent study, 1.4 billion hacked passwords were very simple phrases that anyone could guess.

Among these simple passwords, phrases such as “111111”, “123456” and “123456789” were especially foolish and guessable.

Cracking is one of the most common ways to obtain a password for different accounts. In this method, crackers access different accounts using special software and testing a large number of passwords.

Malware and social engineering

Even if you protect your accounts with complex and unpredictable passwords that crackers cannot test, you still run the risk of having your password stolen.

Malware such as RATs, trojans and keyloggers can easily copy the passwords entered by the victim when logging in after infecting the victim’s system. No matter what password you use, malware will copy it completely and give it to the hacker.

You may also be deceived through social engineering (e.g. phishing) and hand your password to a hacker or swindler yourself.

With two-factor authentication, even if someone knows your password, they will not be able to log in to your account.

Common types of two-step authentication (2FA)

Several different methods are used today for two-step authentication; some are more secure and more powerful, and some are more complex to use. But they all provide more security than just using a password.

Here are some of the most common types of two-step verification.

Using hardware equipment

Security token

The oldest form of two-step authentication is a very small electronic device that produces a new numeric code every few seconds. When a user wants to access their account, they look at the device and enter the 2FA code it displays into the site or application to log in to their account. There are several types of these devices, which are not covered in this article.

For years, many Iranian banks have been offering these hardware tokens to customers who wanted a high level of account security.

Today, with the proliferation of cell phones and easier, cheaper and safer solutions, this method is not widely used.

Using text and voice messages

The SMS method for two-step authentication is tied directly to the user’s mobile phone. After the username and password are received, a unique one-time password is sent to the user’s mobile phone via SMS.

The process is the same as with the hardware method: after receiving the code on their mobile phone, the user must enter it in the site or application to be able to access their account.

SMS confirmation

Similarly, in the 2FA method that uses a voice message, the user’s mobile phone is called and the 2FA code is read out by voice. Although this method is not very common, it is still used in countries where smartphones are expensive or mobile services are poor.

For non-sensitive online activities, text or voice authentication can meet your security needs. But for websites that store your personal information, such as many corporations, banks or email accounts, this level of two-step authentication (2FA) may not be secure enough.

In fact, using SMS or voice messaging for two-step authentication provides users with the lowest level of security among authentication methods. For this reason, many companies have gone further and come up with safer ways to log in with two steps.

Using software

The most popular form of two-step verification, used as an alternative to authentication by text and voice messages, is software that generates one-time codes.

To use this method, the user must first download one of the 2FA applications (such as Google Authenticator) and install it on their mobile phone or laptop. They can then use the app on any website that supports this type of two-step authentication.

When logging in, the user first enters their username and password, and then enters the code displayed in the 2FA app to access their account.

As with the hardware devices, each code generated by a two-step authentication application is valid for only a short period of time (usually 30 or 60 seconds). This means that each code displayed in the application is only valid for 1 minute, so the user has only 1 minute to enter it.

Since the code is created and displayed on the user’s own mobile phone, the worries that come with two-step authentication by text message or voice message no longer apply, and the chance for hackers to intercept the 2FA code disappears.

Most importantly, since 2FA applications are available for both mobile and desktop, and even work without the need for an Internet connection, this method of user authentication is available almost everywhere and under any circumstances.

If we want to briefly mention the advantages of using two-step authentication applications:

  1. They have higher security than other 2FA methods.
  2. They have both mobile and desktop versions.
  3. They also work offline without the need for internet.

With the spread of bank account phishing in Iran, Iranian banks are also looking for a plan to create a second one-time password, in which the user is given a second one-time password when shopping online, so that if the second password is leaked, it becomes invalid after a few seconds and cannot be abused.

How to enable two-factor authentication?

Each website or software can have its own method for two-factor authentication, but most reputable platforms support the Google Authenticator software. With this method, the user must download the software and then activate the feature by scanning a QR code from the Security section of their account.

These websites give the user a dedicated key so that if they lose their mobile phone or the software is deleted from their phone in any way, they can recover their account. Therefore, this key must be well protected.

Here we look at two-step authentication on the Binance exchange, which most Iranian traders work with.

After creating an account in this exchange and logging in to the user account, by referring to the Security section, you can access the settings page and the 2FA activation section:

As shown in the image below, 2FA settings are available on the Security page, where Binance supports three ways to apply two-step authentication:

The first method is to use a hardware device that looks like a flash drive, connects to a computer and generates a code every 60 seconds. Binance has proposed the use of YubiKey hardware in this method.

The price of this hardware varies from $20 to $69.

The second method is to use the Google Authenticator application as a two-step authentication program that generates a new code every 60 seconds.

Of all the applications designed for this purpose, this authentication application is one of the best and most popular programs supported by most sites and services that offer two-step authentication.

To use this application, you must first download it and install it on your mobile phone.

Then use it on sites that support the app in their two-step authentication method. To enable this method in Binance, as shown in the image below, click on the Enable option.

Click on the Enable option to enter the following page, which shows us the steps to enable two-step authentication using the Google Authenticator application step by step.

In the first step, as shown in the image below, you can download the Android or iOS version depending on your mobile operating system, or, if you have already installed this application on your smartphone, click Next.

After clicking Next, the next page will be displayed, which shows the QR code for the Binance account.

An important security point to keep in mind when using apps for two-step authentication is to make sure you write down the backup code that the software gives you.

This code is given so that if your mobile phone is lost or broken, you can access your two-step authentication on various sites through another smartphone.

Finally, to complete your two-step authentication, you must enter both the main password that you chose when creating your account on the site and the code for your Binance account shown in the Google Authenticator app, which changes every 60 seconds.

Clicking the Submit option will enable two-step authentication using the Google Authenticator app.

The third method is two-step authentication using SMS, which is less secure than the previous two methods; in addition, on sites such as Binance, which have placed Iran on their sanctions list, authentication by this method with Iranian telephone numbers is not possible.

Last word

The challenge that has always been posed to websites that provide online services is their security.

It often happened that people’s accounts on these sites were hacked and their information was stolen. It was because of this problem that the use of an additional security method was introduced to prevent hacking and theft of user information. This additional layer of security became known as 2-step authentication, or 2FA.

For some people, account security on many online sites may not be important. But when it comes to money, everyone is looking for the highest level of security.

That’s why it’s so important to use one of the two-step authentication methods in the digital currency exchange you work with.

Of all the two-step authentication methods, the most efficient and secure is to use one of the 2FA applications, and among all the applications designed for this purpose, the Google Authenticator program is one of the most popular and common applications.