Tools used in this recipe
Domain name registration tool. First year price will depend on the domain selected.
If you have online accounts that store sensitive data, there's a good chance you have encountered two-factor authentication (2FA). When you log into your bank or healthcare provider's website or app and you are prompted to send a code to your phone that you then have to enter, that's a form of 2FA. 2FA is a subset of multi-factor authentication. It describes the additional level of security provided by having to use two pieces of information to prove your identity to a website or system. In the case of a bank website asking you for a code they sent through a text message, your two pieces of information are:
- Something you know - Your password for the particular site.
- Something you have - Access to the mobile phone your bank has listed for your account. The bank sends you a code to prove that you have access to that phone number.
Having either individual piece of data would provide a level of security, but for a malicious person to get into your account they would have to both know your password and have access to your phone, which is a higher hurdle.
Because text messages using the SMS protocol are potentially vulnerable to SIM jacking and other threats, several companies offer dedicated solutions for implementing 2FA. In this Recipe we'll use the free Google Authenticator app for iOS and Android phones, but companies such as Duo Security, Authy, and Yubico all offer solutions in this space at various price points.
Implementing 2FA With Google Authenticator
Start by downloading Google Authenticator for iOS or Android. Once you have the app installed you can start connecting it to sites. Since we used Namecheap for registering a domain name in another Recipe and it supports 2FA, we'll use that site as an example. To get started, log into Namecheap. Once logged in, access your account in the upper right and select Profile → Security → Two-Factor Authentication.
Namecheap lists Device Authentication as Top Security. It's true that a hardware device provides an extra layer of security, but the devices cost money, and for an early-stage startup the tradeoff of using an authentication app instead is worthwhile. As your startup grows, implementing device-based 2FA is something you should evaluate.
Click Enable under the box marked Authentication App (TOTP). You'll be prompted to re-enter your password. Because adding 2FA with an authentication app like Google Authenticator will lock you out of your account if you lose your phone, Namecheap gives you the option to download backup codes. Download these and store them in a safe place such as your password vault. Click Next.
Namecheap will then show a QR Code. Open the Google Authenticator app on your phone and tap the multi-colored button in the bottom right, then tap Scan a QR code.
Once you have added it, you'll see a six-digit code next to a circle that shrinks over time. The circle glows red when it's almost gone, then the number changes and the circle goes back to being full.
What's happening behind the scenes is that the QR code gave the app a secret that Namecheap also holds, and both sides derive the current code from that secret and the time. The codes are regenerated every 30 seconds, which keeps them synchronized between your device and Namecheap without the two having to communicate. Entering the code proves to Namecheap that you have access to the second form of authentication, your phone. Enter the six-digit code in the field on this page and click Finish.
Once you have entered the code successfully, 2FA with Google Authenticator will be enabled for your account. Now when you log in to Namecheap, in addition to username and password you'll need to open the Authenticator app on your phone and enter the code to finish the login process.
Implementing 2FA for your Google account
Because of the popularity of Google accounts and the number of startups that establish G Suite accounts in early stages, this Recipe also includes a section on how to set up 2FA for your Google or G Suite account.
The contents of this Recipe are © Innovation Works, Inc. and are licensed under CC-BY-SA 4.0. Contact us with questions or feedback, or to learn more about our structured program in Entrepreneurism based on Startup Recipes.