What is 2FA?
Two-factor authentication (also known as 2FA) is a security measure that requires users to submit a form of verification in addition to their traditional username and password. This method of authentication provides a second layer of user account security. 2FA is often presented as a code given to the user, who enters it so the website can check it against the code it is expecting. These codes are usually temporary and only good for single use, meaning a new code is required every time a user attempts to access their account. The most common methods of 2FA are email, SMS, and a mobile authenticator app. Dropil recommends using Google Authenticator or Authy to secure your account.
Email: Email authentication is a very common method used to secure user accounts. It is convenient and can come in the form of a specific code or a link that users can click to confirm. This method does not require a specialized app or mobile phone. There are some drawbacks to this method, as email accounts can be insecure. If a user’s email account is compromised, their 2FA code will be known, and their other accounts will be insecure.
SMS: SMS (also known as text message authentication) is a form of 2FA where a code is sent from a website to a cell phone and then that code is entered into a website. This method of 2FA is not recommended for a number of reasons. Text messages are vulnerable to attacks like text message interception or SIM swap attacks. In these instances, text messages can be rerouted away from a user’s phone and to an attacker’s.
Mobile authentication apps: Mobile phone applications such as Google Authenticator are the most highly recommended form of 2FA and considered to be the most secure. With this type of authentication, bad actors would need access to a user’s mobile phone in order to verify their 2FA code. These codes reset every 30 seconds and can only be viewed from within the app on one device. This type of authentication comes with a secret seed phrase, which users need to write down in case their phone breaks or needs to be restored. Without this seed phrase, users will be unable to restore their 2FA settings.
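The following is an added example, not Dropil's code or part of the original article. It implements the time-based one-time password scheme (RFC 6238) that authenticator apps such as Google Authenticator use, showing why a code changes every 30 seconds, why the seed is all that is needed to regenerate codes, and how a server can refuse a code that was already used. The seed is the published RFC 6238 test key; the TotpVerifier class and its one-step drift window are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds each code stays valid (the 30-second reset described above)
DIGITS = 6   # code length shown by the app

# Constructed sample seed: base32 of the RFC 6238 test key "12345678901234567890".
SEED = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(seed_b32: str, unix_time: int) -> str:
    """Derive the code for the 30-second window containing unix_time."""
    seed = seed_b32.upper().replace(" ", "")
    key = base64.b32decode(seed + "=" * (-len(seed) % 8))
    counter = struct.pack(">Q", unix_time // STEP)        # window number
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

class TotpVerifier:
    """Server side (hypothetical): accept each code once, within +/- drift windows."""

    def __init__(self, seed_b32: str, drift: int = 1):
        self.seed = seed_b32
        self.drift = drift
        self.last_used_window = -1   # highest window already accepted

    def verify(self, code: str, unix_time: int) -> bool:
        current = unix_time // STEP
        for window in range(current - self.drift, current + self.drift + 1):
            if window <= self.last_used_window:
                continue             # single use: never accept an old window again
            expected = totp(self.seed, window * STEP)
            if hmac.compare_digest(expected.encode(), code.encode()):
                self.last_used_window = window
                return True
        return False

if __name__ == "__main__":
    print(totp(SEED, 59), totp(SEED, 60))   # two adjacent windows, two codes
```

Because the code depends only on the seed and the clock, anyone who holds the seed can produce valid codes, which is why the written-down copy needs the same care as the phone itself.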
What types of 2FA does Dropil support?
We support email two-factor and mobile app two-factor authentication. Users who choose mobile app authentication must also approve withdrawals through email. For information on setting up 2FA and securing your account, please see our two-factor setup article here.
Choosing an application to manage your 2FA codes
Two of the most popular authenticator apps are Authy and Google Authenticator. Users can choose between either program, but there are some stark differences between the two.
We’ll be reviewing the pros and cons of each application below. Pros are denoted with a + while cons are denoted with a –.
Authy
+ Desktop app
+ Encrypted cloud backups
+ 3 types of Authy account security (including PIN)
+ Push authentication
+ Codes can be displayed on multiple devices
– Less secure than Google Authenticator if multi-device is turned on
– Built more recently,
Google Authenticator
+ Secure single-device codes (your authentication codes cannot be viewed from any device besides your single phone)
+ Reputable brand behind the development
– No desktop application
– No cloud backups
– Cannot easily transfer between two devices
– No PIN protection
Why is 2FA important?
2FA is an important aspect of user security that safeguards accounts more than a traditional username and password combination alone. An account with 2FA enabled would be inaccessible without the confirmation code even if the username and password were entered correctly. There are numerous ways that simple usernames or passwords could be compromised, especially for users with the same credentials on multiple websites. With a secondary form of verification that is constantly changing and different across every website, you can secure your accounts from these compromises.