Why two-factor authentication is Necessary?

Two-Factor-Authentication

What exactly is two-factor authentication and who started it? Two-factor authentication occurs when you are required to use two types of identification to log into a web site or open your email. It was introduced because people were using weak password.
Two-factor authentication (2FA), known  as two-step authentication or dual-factor authentication, it is an secure process in which users provide two separate authentication factors to verify themselves.

Two-factor authentication adds an extra layer of security process that makes it harder for attackers to gain access to a person's devices or online accounts because simply knowing the victim's password is not enough to pass an authentication check.

1. The first factor

The first factor is a password. As a reminder, your password should use numbers, capital, and lowercase letters and symbols. They should not be of any type of dictionary and should be at least 12 to 16 characters long. You should never reuse passwords.

2. The second factor

The second factor can vary widely from facial recognition or fingerprint to a web site that can send you a numeric code or OTP (one-time-password) via text or email this is part of secure two-factor authentication of the login process.

How does two-factor authentication work?

Here's how two-factor authentication works

1. First process is  you need  to log in by the application or the website.
2. The user enters  usually, username and password or create new one. Then, the server    authenticate the user.
3. Some website or Process do not require a password, the website creates a unique security key for the user. The authentication tool processes the key, and the site's server authenticate it.
4. Then here its come second step the user  have to initiate a second login step. this step can done by  many ways , such as security tokens, ID cards, smartphones, or biometrics and other mobile devices. This is the possession factor.
5. After that user need to entered the one-time-password for the further authentication.
6. After authenticate both factors, the user is granted access to the application or website.