Google just last week announced that since 2017, not one single employee out of its 85,000+ staff has had their account successfully phished and taken over by hackers.  When we live in an age where 80,000 people fall for phishing scams every single day and exposing their passwords, how is it possible that Google has single handedly beaten the odds?

The answer is something called two-factor authentication (or sometimes referred to as two-step verification or multifactor authentication,) which combines something you know with something you have.  For example, a user must enter his/her account password (something you know), but then there is a second piece of information required before the user is granted access to their systems.  This second piece of information can come in various forms; it could be a small USB key that you carry around and insert into your computer when you want to gain access (this is the method Google uses), it could be a text message to your mobile phone with a one-time code that needs to be entered, or it could be an app running on your mobile phone that generates a key to use (something you have).  Even if a cyber-criminal obtains your password, it is useless without the second authentication piece.

There are many ways two-factor authentication can be achieved, and the benefits could literally be priceless. Perhaps, the best part of two-factor authentication is that it is available for just about every major website/app you currently use and it is free.  Two-factor authentication can be enabled for Facebook, LinkedIn, Amazon, Instagram, Google/Gmail, WhatsApp, Paypal, Venmo, Twitter, Dropbox, Apple, Microsoft O365, Snapchat and Yahoo just to name a few.  A comprehensive list of websites that offer two-factor authentication, and supporting documentation on how to enable it, can be found here https://twofactorauth.org/.

Don’t be one of the 80,000 people to fall victim to phishing scams every day.  Turning on two-factor authentication is free and readily available and could so easily prevent lost time and lost money.  So why are you still sitting there reading this blog?  Go enable two-factor authentication NOW!