Skip to main content
Locking your door is a smart practice to help keep you and your family safe. But if you have heard about multiple break-ins, you might also get a home alarm or use a deadbolt as a second layer of defence. Two-step authentication is like that second lock, helping to protect you in the digital world.

This article originally appeared on Discover & Learn on October 3, 2022.

Cybercrime is rising, affecting individuals, families and businesses alike. That’s the bad news. The good news is that being cyber safe doesn’t take a lot of work — instead, it’s a matter of knowing what to do to keep hackers and scammers out of your systems and accounts. Our Cyber Safety 101 series is designed to give you some basic tools and tips that can go a long way to protecting yourself, your family and your data in the digital world.

When you start a new job, apply for a passport or even request a library card, you typically have to show two pieces of ID to prove you’re really you. So when you make an online banking transaction or sign in to an online account that houses personal and/or sensitive information, doesn’t it make sense to show the same level of evidence to prove your identity?

This is what Two-Step Verification (a.k.a. Multi-Factor Authentication or MFA) is all about. Also referred to as 2-Factor Authentication (2FA), it requires a second piece of ID — or second factor — beyond your username and password to prove your identity before you can proceed.

The multiple factors can take several forms, but generally require that your credentials are verified using information from a range of categories, including:

  • Something you know — like your password, PIN, or answers to secret questions
  • Something you have — like as a text message sent to you with a code, or an app such as Google Authenticator
  • Something you are — such as your fingerprint, palmprint or retina pattern

Sometimes, MFA is automatically turned on — but other times, you can choose whether to use it or not. Given that more than 80 per cent of hacking-related breaches use stolen and/or weak credentials, proactively adding a second layer of protection is a crucial extra barrier that can keep hackers at bay. In fact, MFA has been proven to stop the majority of attacks, such as phishing, spear phishing, and credential stuffing. Think of it as an extra lock on your door!

Our Cyber Security Playbook, The Vault, shows you how to turn on MFA across various platforms, to help ensure optimum cyber safety. It also contains more helpful steps and information to boost your cyber skills.