Two-factor authentication adds another additional security layer to your account and services with Netz0 by requesting an extra step while authenticating to your account. This method combines something you know (like your password) with something you have (like your mobile phone).
Since both factors are required, something you know and something you have in your possession, this provides extra security for your account against attackers that could have obtained your password.
Should I activate it?
The use of only a password constantly involves the danger that someone could obtain it or that it falls into the hands of third parties which then access your account without your authorization. We suggest using two-factor authentication when possible to prevent intrusions and non-authorized access to your services. The security of both your account and services with Netz0 drastically increases while activating two-factor authentication because the password alone can’t be used to gain access. The attacker would also need access to your second-factor device. Passwords get leaked, stolen and cracked all the time, in particular, if re-used in multiple sites.
How does it work?
The two-factor authentication is based on the premise of combining two identification methods:
- Something you know
- Something you own
A password is something you know. As the user, you are aware of the secret access password to your account, but if someone else knows this information, that person could identify himself with Netz0 and pretend to be you. This method provides security against password leaks from other websites or from malware attacks to systems that store your logins.
The second factor is usually a physical device you have when the authentication is executed, so it is possible to verify the person accessing is indeed the account holder. Normally a mobile phone is used as the second factor since most people carry one around as a personal device, but other physical devices can also be used. Once a phone is registered, it generates a unique security code which must be utilized together with the account password on each login.
No factor independently and on its own is secure. Your phone could fall into the wrong hands if stolen or lost. Similar, your password could laeak if reused somewhere else, malware can steal it from your computer or someone can just guess it. However, if you combine them, they both add security to each other.
Once enabled, you log in with your username and password as usual, but before granting you access, Netz0 then asks for an additional security code. This code is generated by your phone and rotates every 30 seconds. No other phone in the world can generate the code except the one that registered with your account.
This prevents intruders from remotely logging to your account even if they know your password as they do not have physical access to your phone. Both the account password plus the unique code generated by your phone would be required.
Install Mobile Application
A mobile authenticator app generates a unique valid and secure code for a few seconds that can be used as second-factor authenticator on your mobile phone or tablet. Any application compatible with the TOTP protocol should work but here are some suggestions:
Google Authenticator (Android/iPhone/BlackBerry)
Amazon MFA (Android/Kindle)
Microsoft Authenticator (Android/iPhone/Windows Phone)
Duo Mobile (Android/iPhone)