Link to TruStone Financial Pinterest page
Link to TruStone Financial LinkedIn page
Link to TruStone Financial print this page
Link to TruStone Financial share via SMS
Feb 20, 2020

Two-Factor Authentication: What Is It And Why Should I Use It?

Placeholder div for background image

Have you ever set up an account or gone to log into an account, and you were prompted to enter a code that was sent to your phone or email? That two-step process is a common type of two-factor authentication, which is a great tool for protecting your information online.

What is Two-Factor Authentication?

Two-factor authentication, also called 2FA, is an added security measure for your online accounts. We live in a time when cybercrime has become more advanced and large companies have had their customers’ information stolen. It is more important than ever to take extra steps to keep your information safe. 2FA is one easy way to do that.

How does two-factor authentication work?

When an account is set up to use two-factor authentication, you will enter your username and password as usual. Next, instead of immediately having access to the account, you will be prompted to provide another piece of information. For the 2FA process TruStone uses, you enter a one-time code that is provided to you via a phone call or text message, and you do this only for the first time you access your account on a new device. With other types of 2FA, you enter something else, like an answer to a security question or a PIN number. Some 2FA systems require software-generated codes or codes provided to you via push notifications. And some accounts may require you to use 2FA every time you log in.

Why should I use two-factor authentication?

You should use two-factor authentication because it is one simple step you can take to keep your information secure online. It is easy to set up and goes a long way in protecting your information from hackers. If you only have a password set up for an account, and that password is leaked, a hacker who gets ahold of it can access whatever information is stored in that account. If you have two-factor authentication set up for the account, though, the hacker would also need the extra piece of information—whether it’s the answer to a security question or a code that was sent to your phone. Without that, the hacker can’t get in.

How do I set up two-factor authentication for my TruStone accounts?

If you use digital banking, you have already set up 2FA. You only use 2FA upon your first login on a device, so you’ll only be prompted to provide a code again if you sign in from a different device. If you want to update the phone number and email address you use for 2FA, go to the menu ( ☰ ), click “settings” then “security.” Under “verification options,” you can reset your 2FA settings.

If you log in on desktop, you can select the "remember this device" option when it pops up to reduce the frequency you are asked to authenticate. If you previously used biometrics to log in on a mobile device, you will need to reestablish them the first time, but then you will be able to log in this way going forward.

If you would like to authenticate a second cell phone, you can use the Twilio Authy app. This app generates secure two-step verification tokens on your device. It helps you protect your account from hackers and hijackers by adding an additional layer of security. (Twilio is not associated with TruStone and may require user agreements and separate privacy policies if you decide to download and use their app.) We will be adding more options for authenticating your device in the future.

For all of your non-TruStone accounts: log in and go to your security settings to see if you have the option of setting up two-factor authentication.

With just a few minutes of your time, you can greatly increase the security of your accounts by setting up two-factor-authentication. The extra step in your log-in routine will be well worth it if the wrong person ever gets ahold of your passwords.


Editor’s note: some information in this article was sourced from Authy.

This blog article is intended to provide you with a general understanding of the subject matter. It is not intended to provide legal, accounting, or other professional advice and should not be relied on as such. Information may have changed since the publication date.

Want to learn more security tips?

Blog post currently doesn't have any comments.