By Amy Hofmockel, Creative Technology Librarian
There are a lot of steps to securing your accounts and personal information these days, and it can seem like you have to jump through hoops just to read your email. However, it’s important to prioritize your account security to try to keep your private information safe.
Digital security is an ongoing competition between bad actors, people who want to steal information, and cybersecurity professionals, people who want everyone’s information to stay secure. The race between the two sides is always evolving, so it is important that you stay up to date on the best ways to secure your information and accounts.
In this article, we will go over a few of the most common methods of securing accounts, what they are, and how they’re used.
What is a password?
We’ve been using passwords for a long time. They’re a string of letters, numbers, and sometimes symbols that a person must enter when they wish to access an account.
Passwords can be insecure because they are held by the website you are logging into (which could be compromised) and by you. Sometimes people give their passwords to trusted friends and family, or write them down in a private notebook or on a post-it taped to their computer, all ways bad actors could access that information.
Passwords are like having a guard at the door: If anyone tells them the password, they are let in.
What is Two-Factor Authentication (2FA)?
Two-Factor Authentication (2FA) is a system that requires you to provide two forms of proof that you are authorized to access an account. These forms can be:
- Something you know: passwords or PINs
- Something you have: a smartphone, a passkey, a smart card, etc.
- Something you are: fingerprints, facial recognition, or voice match
2FA means that bad actors would need to jump an additional hoop to get your information.
This is like the guard at the door asking for your password and your ID.
What is a passkey?
A passkey is part of a sign-in standard created in 2022 by companies like Google, Apple, and Microsoft that uses your personal device to create encrypted authentication instead of asking you to create a password. This is more secure than a password because your device can generate a more complex, encrypted password than you can.
The way it works is similar to 2FA, but more automatic. When you create a passkey and use it to log in to an account, the account will request that passkey from your personal device. Your device will not give up the passkey until you unlock it with a biometric, such as facial recognition or a PIN.
Once you unlock your personal device, the account that requested the passkey is granted access, and you can now use your account. The website stores encrypted versions of the passkey, but even if a bad actor got those, they would be useless without your personal device’s matching passkey.
With passkeys, you need to remember fewer passwords, which might make you feel you have less control over your own security. However, it’s important to remember that a computer can generate encrypted “passwords” that are hundreds of characters long—instead of the typical 8-12 characters. If you were to lose your phone or personal device, it would still be secure because someone would need to unlock your phone (using your biometric data… and they don’t have your fingerprints!) to access your passkeys.
Having a passkey is like when a secret agent has to scan their eyeball at the door, and then the guard recognizes them by their badge, so they can just walk on through. Even if a bad actor faked the eyeball scan and the badge, the guard would recognize that they don’t match.
Explore more
We hope that the information in this article has helped you make a decision about how you want to secure your information.
If you’d like to learn more about browsing the internet safely:
- Read Tech Tips: A guide to navigating Google search results
- Explore the Learning Computer Security and Internet Safety course from LinkedIn Learning
Have a tech question?
About Amy
Amy is a creative technology librarian who always looks for ways to create those “ah-ha!” moments for digital learners. She enjoys writing, gadgets, and baking.