This can happen in several ways, including a phishing attack, malware or credit-card-reader skimming. There is another way, however: account recovery. If you remember what happened to journalist Mat Honan, his accounts were compromised by leveraging the "account recovery" feature. Account recovery resets your current password and emails you a temporary one so that you can log in again.
Account recovery works as a tool for breaking two-factor authentication because it "bypasses" 2FA entirely, Fenton explained. Fenton continued: "Account recovery took some extra time, but three days later I got an email helpfully explaining that 2FA had been disabled on my account." Account recovery is not a problem without a solution, though.
Or, at least, solutions are being worked on. But by virtue of being more commonplace, it will become easier to use, too. Oberheide said that many of his customers start off thinking that implementing 2FA will be expensive or hard to use, but often find that their experience with it is the opposite. But he noted that older systems can have a hard time getting 2FA going. Fenton noted that increased adoption could create opportunities to refine the technology.
"It seems that 2FA is really exploding right now," he said. Despite its problems, Oberheide sounded an optimistic tone for two-factor authentication.
Seth Rosenblatt, Jason Cipriani. Insert the key to the USB port of your computer and press the button when prompted for verification. You cannot register the FIDO secure key using a different browser.
After you register the key with your account, you can use the button that is available on the key to authenticate. To use the two-factor authentication feature for your account, you need to configure at least two of the three verification methods, in any combination. Sign in to your account.
In the top-right corner of the page, hover over your profile icon and then click Account Settings. If you see the option Verify your email, it could be because your email address has not been verified by NortonLifeLock. Click that option to get a verification email.
Open the email that you received and click the Confirm Now link to proceed with two-factor authentication setup. The verification email has the following details: Choose any one of the following primary verification methods. You need to set up two methods: primary and backup.
You can change them at any time by signing in to your account. Select Mobile authenticator app and then click Next. Download any authenticator app on your phone from Google Play or the App Store, or open an authenticator app that you already have on your phone and do the following:
Scan the QR code on the screen with your authenticator app to register your account with the app. Select Security key and then click Next. If you want to get the code as a message or voice call on your mobile, do the following: Select Mobile phone number and then click Next. Enter the mobile number on which you want to receive the code as SMS.
To receive the code as a voice message, click Call me with a code. You are shown 10 different single-use security codes that you can use to log in to your account if you have trouble receiving the two-factor security codes on your phone.
Click Download or Print to save the backup codes. To set up a backup method, next to Backup Methods, click Add a new method. Choose any one of the backup methods for receiving the code. Depending on your choice, use the information in the above steps to set up the method.
The backup method is used in case your primary method does not work. So, choose a different method than the one that you set up as the primary method. For example, if you have selected Mobile authenticator app as the primary method, choose Mobile phone number or Security key as the backup method.
If you do not want two-factor authentication to access your account, you can disable the feature at any time. If you want to remove all your existing two-factor authentication details, select Also clear all my Two-Factor Authentication settings. Use the information below to print, download, or regenerate your single-use backup security codes.
In the Two-Factor Authentication section, click Show codes. If you have used a code, it appears as a strikethrough number. You cannot use this code for future logins.
If you have used all your backup codes or want to get new backup codes, click Get New Codes. The verification code that you receive is valid only for a specific time duration.