What is two-factor authentication (2FA) and why is it important to use?

When you use the Internet, danger is always lurking. There are many scammers and hackers active who try to steal money and/or data from other people in innovative ways. Therefore, it is important to make sure that you use the Internet as safely as possible. One of the ways you can do that is through two-factor authentication (2FA). We'll explain to you what two-factor authentication is, how it works, and why it's important to use it.

What is two-factor authentication (2FA)?

Two-factor authentication, sometimes called two-step verification, is a way to better secure an online account. When you log into an online account, in most cases you will need a username (or email address) and password. After you enter these correctly, you can log in and access your account. However, this is not completely safe. If someone else has your username and password, this person can directly access your account. This is dangerous, especially when it comes to a financial account.

This can be better secured through two-factor authentication. It is an extra step you have to take to access your account. The moment you log in, you are given a code in a mobile application or through an email or text message. You must enter this code on the website you are trying to log into, to verify that you are the rightful owner of the account.

So how does this provide better security?

It can happen that someone, in any way, gets hold of your password. With this, this person could just log into your account. However, when two-factor authentication is enabled, this person will also need access to your cell phone or email address. The chance that someone has your password and access to one of these devices or accounts is very small. It is not possible to log in when someone does not have the right code to proceed.

How does two-factor authentication work?

Nowadays, it is possible to use two-factor authentication on almost any website. There are several ways you can set this up:

• Email: when you want to log in, the website will send a code to your email address that you must enter on the website before you can access your account. This is not the safest way, because hackers can access your email account more easily than they can access your physical phone.
• SMS: the website you are trying to log into will send a code to your phone number in the form of an SMS. You enter this code on the website, after which you can log in. This is safer than using an e-mail, but still not the safest way.
• Mobile application: the safest way to use two-factor authentication is through a mobile application, such as Google Authenticator or Authy. You first link the mobile application to the account of the website on which you want to use 2FA. When you log in after this, a code will appear on the mobile application. This code changes after every 10, 20 or 30 seconds (depending on the application and settings). After entering the code, you will be able to access your account.

The mobile applications that offer 2FA are often well protected by cryptography. This makes it virtually impossible for hackers to access the code that appears within the application. Keep in mind that it’s also important to secure your phone when you are receiving the code on there.

Some websites also allow you to enable multiple ways. The more steps you have to go through to log in, the more secure your account will naturally be. Therefore, it is never unwise to make use of dual 2FA.

Why is two-factor authentication important?

We don't need to tell you that online security is important. That's exactly what two-factor authentication was created for. By using it, you secure your account from outside influences, such as hackers. This is even more important when it comes to accounts that are tied to your cryptocurrencies. Such accounts are of course goldmines for hackers, because there is a lot of money to be made when hacking such an account. By using two-factor authentication, you make the chance of a hack many times smaller. After all, hackers will also need to have access to another device, such as your cell phone. The chances of them being able to do that are smaller than if they only needed a single password to get in.

Tips to improve your online security

Two-factor authentication is just one of the many ways to improve your online security. How safe you are online, starts with you. Therefore, we would like to share with you some tips and tricks to help you use the Internet safely.

• Use strong passwords. A long password consisting of several letters, numbers and special characters is often considered a safe password. This is true, but it is important that the password does not contain any words or numbers that can be linked to you. Think about your hometown, year of birth or favorite soccer team.
• Use different passwords. When someone has cracked one of your passwords, it can be very annoying. You can limit the damage by using a different password for each account. Do you find it difficult to remember all your different passwords? Then you can use a password safe. Always research the password safe you want to use first: there are also safes that have been hacked in the past. It is better to avoid these types of applications.
• Don't just click on a link. There are plenty of cases of people having a lot of money stolen from their crypto wallet because they clicked on a link that had a virus behind it. Therefore, it is important to never just click on a link when you don't know where you are going or where the link is coming from.
• Don't share everything about you on the Internet. The more you share about yourself on the Internet, the easier it is for hackers to steal your online identity or gain access to certain accounts. Therefore, always think carefully about what you share publicly on the Internet.

Enabling two-factor authentication at Coinmerce

It is possible to turn on two-factor authentication for your account at Coinmerce. You can do this by going to the security settings within your account. Keep the key you see in a safe place (not on a device, but in a physical place). At Coinmerce you can only use the mobile 2FA applications Authy and Google Authenticator. It is not possible to enable 2FA by SMS at Coinmerce. We have chosen to do this because it is not the most secure way of 2FA. We will always recommend the use of 2FA. This ensures the best possible security for your account and wallet, and the chance that you become the victim of a hack is much smaller.