The security of an account is becoming increasingly important. After all, much personal sensitive information is now contained in your email inbox, mobile phones, and your social media accounts, which means account security can be regarded as privacy security.
If a malicious user cracks your account, they could have access to your emails, bank accounts, social media accounts, and other sensitive accounts that hold your confidential, personal data. The victim could also face a range of emotional pressures, including stress and anxiety. Therefore, it’s so important to take measures to protect yourself from that situation.
Oftentimes, a user's password is simple so that it is easy to remember. The more simple the password, the easier it is to crack or guess. A malicious user may guess your password because they were able to find out certain things about you, such as your birthdate, favorite athletes/singer or kid’s name. A malicious user may also crack your password by using a bot to generate the right combination of letters/numbers within a short time period.
Even long passwords are still risky. You may think passwords containing numbers, upper and lower case letters, plus symbols are safe. But unfortunately, it’s not true.
On the one hand, the malicious user’s technical means are constantly improving, and the performance of hardware devices is developing rapidly under the influence of Moore's Law. It makes the time to crack your password shorter and shorter.
On the other hand, most people get used to registering accounts on different websites/apps with the same password. It greatly increases the risk of leaking your password, and leaves the chances to a malicious user.
Therefore, to just count on single-factor authentication - a password to guard your account is not a smart choice.
The better way to secure your account is to enable two-factor authentication.
According to the authentication mechanism, there are three main types of factors.
Two-factor authentication means to use at least two of the three factors.
The idea here is that to authenticate successfully, you must provide all of the necessary identifying factors within a specified amount of time.
This means even if your password gets exposed in a data breach or leak, or if a malicious user steals it through phishing, they can’t access your account without that other identifying factor.
For users, in any case, two-factor authentication is far more secure than a simple account password.
How does two-factor authentication work? Here are some usual steps:
Two-factor authentication provides a second layer security for user accounts on our platform. When a player logs into their account with two-factor authentication enabled, they must provide both their credentials and the two-factor authentication code from their selected preferred method.
At Accelbyte, we practice with the "something you know" - password and "something you have" - authenticator app which is installed on your mobile phone to make your account more secure.
Authenticator apps replace the need to obtain a verification code via text, voice call or email. For example, to access a website or web-based service that supports Google Authenticator, users type in their username and password. Users are then prompted to enter a six-digit number. Instead of having to wait a few seconds to receive a text message, an authenticator generates the number for them. These numbers change every 30 seconds and are different for every login. By entering the correct number, users complete the verification process and prove possession of the correct device.
Learn more about two-factor authentication with AccelByte here or request a demo!