It would be much more convenient if you could just walk into your house, or get into your car without having to first unlock the door. It would be more convenient if you could just walk from the front of the airport to your gate and get on the plane without being screened by TSA. Convenience, unfortunately, is often the flip-side of safety and security.
The same thing is true with authentication. When you log in to your computer, or smartphone, or your bank’s website, it would certainly be more convenient if you didn’t need a password at all, or if you could just use the password “password” everywhere, but that would also be extremely insecure.
I wrote a blog post about protecting yourself by choosing security over convenience, and using two-factor authentication wherever possible:
It seems like consumer data is compromised in some massive data breach every other week. You should expect the companies you do business with to do everything possible to prevent data breaches and protect your data, but it’s unreasonable to believe it will never happen. It’s up to you to take additional steps to protect your own data, and minimize the potential fallout from a breach as much as you can. One of the best ways to do that is with two-factor authentication.
Dairy Queen and Kmart are just two of the more current examples of major retail chains that have had their point-of-sale systems compromised—resulting in attackers’ capturing sensitive customer data. Target, Home Depot, and UPS have also been victims of recent data breaches. Personal information and credit card data from tens of millions of consumers is now in the hands of criminals, and at risk of being used for fraudulent activity or identity theft.
Whenever a breach occurs, there are calls to use strong or complex passwords, but passwords alone can’t protect you. The Verizon 2014 Data Breach Investigations Report found that two-thirds of breaches are the result of weak or stolen passwords.
Authentication—the process of verifying your identity—comes down to three essential things: something you know, something you have, or something you are. It takes at least one of these to prove you are who you say you are. For better protection, though, you should use two-factor or multi-factor authentication that includes at least two different methods of authentication.
Read the full article at PCWorld: 3 Simple ways two-factor authentication can protect you when no one else will.