In today's digital world, our online accounts hold a treasure trove of personal information. From emails overflowing with work documents to social media profiles bursting with memories, keeping these accounts secure is crucial. This is where 2FA, or two-factor authentication, comes in as your digital security knight in shining armour.
Here at Chesterton House, we take your financial security seriously. That's why we're happy to announce that both our secure portals and Transact logins offer 2FA. Enabling 2FA adds an extra layer of protection specifically when accessing your accounts and making transactions.
What is 2FA?
Imagine locking your door with just one key. That's kind of like using only a password to log in – anyone who finds that key (or guesses the password) can waltz right in. 2FA adds an extra layer of security, requiring a second factor to verify your identity.
A 'factor' in authentication is a way of confirming your identity when you try to sign in. For example, a password is one kind of factor. By adding multiple 'factors' you increase the difficulty for someone else to guess your login information. The three most common kinds of factors are:
Something you know - Like a password, or a memorized PIN.
Something you have - Like a smartphone, or a secure USB key.
Something you are - Like a fingerprint, or facial recognition.
2FA simply means you've applied 2 different 'factors' to your account that need to be correctly entered to access your information. You might also hear the term 'multi-factor authentication' or MFA, which means the same thing - you've applied 2 or more factors.
There are a few ways you can set up multi factors. This could be:
A code from an authenticator app on your smartphone: These apps generate unique codes that change every 30 seconds, making it nearly impossible for hackers to crack.
A text message or email with a code: This is a convenient option, but not the most secure as hackers can sometimes intercept texts and emails.
A security key: This physical device plugs into your computer or phone and provides a unique code when prompted.
Why is 2FA Important?
Passwords can be stolen through phishing scams or data breaches. 2FA makes it much harder for hackers to gain access, even if they have your password. It's like having a double deadbolt on your digital door!
How to Use 2FA?
Most online services, including our portals and Transact logins, offer 2FA as an option. Look for it in your account settings under "security" or "two-factor authentication." Enabling it typically involves downloading an authenticator app (like Google or Microsoft Authenticator) or linking your phone number for text message codes.
Some services offer printable backup codes that are designed to be used in case you temporarily lose access to the authenticator app, i.e. your phone has run out of battery, or you've lost or changed your phone and you need to reset the 2FA. These codes work just like the ones generated by an authenticator app. It's important to store these backup codes somewhere secure in case you lose access to your phone. These codes are for temporary access and should not be used as a permanent alternative to the authenticator app.
We will never ask you to give us the 2FA code from your authenticator app, text message or email. We will also never ask for a copy of your back up codes. Never give these away or share them with anyone else, even if it's someone from our team. Similarly to banks.
What if I Don't Have a Smartphone?
If you don't have a smartphone, then the text or email option is likely most suitable for you. You can also consider using security keys, which are becoming more popular.
Does it Work?
According to Gitnux.org, 2FA can block 100% of automated bots, 96% of phishing attacks and 76% of targeted attacks, as well as blocking 99.9% of account compromise attacks.
Cyber attackers use a multitude of techniques such as sophisticated phishing where they get you to click on a dangerous links to gain access to your passwords or download dangerous attachments. These can come through on email but also via SMS or Whatsapp. Cyber criminals are relying on people getting tired of having 2FA on everything and that's when they pounce so it's important to stay vigilant.
While 2FA doesn't make you immune to being hacked, it does significantly reduce the chances.
The Takeaway
2FA is a simple yet powerful way to significantly boost your online security. It takes just a few minutes to set up and offers peace of mind knowing your financial information is better protected.
For detailed instructions on setting up 2FA within your portal, you can refer to the portal guidance document located in the "Documents" section of your portal. If you'd prefer assistance, don't hesitate to contact us – our friendly team is happy to walk you through the process.
You can learn more about steps you can take to increase your security through Transact's Client Security Centre. Click here to access it.
The National Centre for Cyber Security also has some helpful information on keeping secure when online. Take a look at their website here.