Go To Namecheap.com
Hero image of Why you need to use two-factor authentication everywhere
Security & Privacy

Why you need to use two-factor authentication everywhere

Passwords are broken. 

Even so, passwords are still important. They’re just not nearly as effective as they used to be. People use weak passwords and re-use them from site to site. Additionally, hackers have harvested billions of usernames and passwords. For these reasons, passwords on websites aren’t nearly as secure as they used to be.

That’s why it’s important to use two-factor authentication for any important website account, including your bank, your trading accounts, and yes, even your domain name registrar.

How it works

Two-factor authentication (2FA) is an additional layer of security on top of passwords. It acts as a sort of second password when logging into sites.

This way, if someone manages to get your username and password to a website, they still can’t access your account unless they have access to your “second factor”.

Odds are you’ve already used 2FA without realizing it. A common example is when your bank sends a text message with a code you must enter before accessing your account. 

text message, shield on mobile phone and yubikey

Three types of 2FA

Text messages are the most rudimentary form of 2FA used today and also the weakest form of 2FA. There are three primary forms of 2FA currently in use.

  • Text messages – after entering your password, the business sends a text message to you with a one-time code. You must enter this on the website within a fixed period of time to complete the login process. While convenient, this is the least secure method because people can intercept these messages. However, it’s still worth using SMS-based 2FA if it’s the only option a website offers. It’s still significantly better than just using a password. 
  • App-based codes – a step up is to use an authenticator app such as Google Authenticator, available on both Android and iOS. Authentication apps work with multiple websites, so you only need to download one app to log in to multiple sites. The apps generate rolling codes that change about twice every minute. After entering your password at a website, the site will prompt you to open the app to find the current code. There are still some risks to this form of 2FA. Some thieves will try to trick you into entering your password on a fake site and then prompt you for your 2FA code. If you give the code, the thief can immediately log into your account. 
  • Physical keys – physical keys are the current gold standard for 2FA. They’re also easier to use than the other forms. A physical key is a small device that plugs into a computer USB port or connects wirelessly to your computer. When you enter your password, the site will ask you to touch your key or press a button on it, depending on the type. Keys can be used on multiple websites. Physical U2F security keys start at about $25.
securing your Namecheap and other accounts

Setting it up

Namecheap offers all three types of 2FA to secure your account, and it’s remarkably easy to set up. You’ll find the process very similar to how other sites activate 2FA.

Namecheap’s text-based 2FA has an additional option where you can approve logins through the Namecheap app

If you prefer to use an app-based code, you’ll log into your Namecheap account and use your phone’s camera to scan a QR code. It takes about a minute to set up. 

Namecheap also supports physical 2FA keys, which are the best method to secure your account. With a physical key, someone who knows your username and password still won’t be able to get into your account.

When setting up 2FA using an app or physical key, Namecheap provides you with a list of backup codes if you lose access to your phone or physical key. Make sure to print these and keep them in a safe place.

With malware and hacked passwords readily accessible on the web, it’s more important than ever to step up your security game. Set up two-factor authentication today.

Find out more about web security on our blog and also why you should set up 2FA for your business email.

Was this article helpful?
1
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Help us blog better

What would you like us to write more about?

Thank you for your help

We are working hard to bring your suggestions to life.

Andrew Allemann avatar

Andrew Allemann

Andrew is the founder and editor of Domain Name Wire, a publication that has been covering domain names since 2005. He has personally written over 10,000 posts covering domain name sales, policy, and strategies for domain name owners. Andrew has been quoted in stories about domain names in The Wall Street Journal, Washington Post, New York Times and Fortune. More articles written by Andrew.

More articles like this
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Hero image of Don’t let hackers ruin your profits this Black FridayWhy you need to use two-factor authentication everywhere
Next Post

Don’t let hackers ruin your profits this Black Friday

Read More