(by Jake Holmes with the Maine Credit Union League) With the world becoming increasingly digital, online accounts have been a prime target of scammers and fraudsters attempting to steal people’s personal information. In 2021, the Federal Trade Commission received fraud reports from more than 2.8 million people, with $5.8 billion lost. The two most commonly reported categories were imposter scams and online shopping scams. While passwords are the first line of defense in protecting personal information and preventing online fraud, they are a fragile defense. People can be lulled into a false sense of security by thinking their long, complex, hard-to-guess passwords are enough to keep them safe online. If an online retailer or service improperly stores passwords and has their server breached, the fraudster has access to all user passwords. The second and much stronger line of defense for accounts is two-factor authentication.
What is two-factor authentication?
Also known as multi-factor authentication, it is an extra security step in the process of logging into an account. As usual, people enter either their username or email address––followed by their password. However, instead of being granted access to their account after successfully entering the password, the user needs to confirm their identity via another specified method. For example, the user may receive a text message or an email with a one-time code that must be entered in order to complete the login process. Other two-factor authentication methods include biometric information, such as fingerprint or facial recognition scanning.
Also, growing in popularity are authentication apps. The apps generate short codes that change on a regular basis. If the app is someone’s method of two-factor authentication, they’ll need to copy the code from the app in order to log in. This makes it much, much more difficult for fraudsters to gain access to accounts. Even if a fraudster was able to get their hands on someone’s password, they still wouldn’t be able to access their account without the user’s personal device. With facial recognition or fingerprint scanning, they still wouldn’t be able to access the account even if they had the password and device.
Where should people use two-factor authentication?
For maximum protection, people should use two-factor authentication everywhere that it’s an option. While no security method is entirely foolproof, two-factor authentication makes it more difficult for fraudsters to steal personal information or access accounts.
Contact your local credit union and ask them how they can help you set up two-factor authentication on your account.
For our members’ convenience, links are available in this website to allow quick access to other sites that may be of interest. Clicking on a third party link will take you out of Downeast Credit Union’s website to an alternative website not operated by DECU. The Credit Union is not responsible for the content of the third party website and does not represent either the third party website or the member if you enter into a transaction. Privacy and security policies of the website to which you are linking may differ from those practiced by DECU.