Fortune.com/Jeff John Roberts: Most People Aren't Using This Critical Web Security Feature

Fortune
Tech
Cybersecurity

Most People Aren't Using This Critical Web Security Feature

How To Use Two-Factor Authentication to Keep Hackers Away

The extra security measure that will help protect your privacy.
Mute
Current Time 0:00
/
Duration Time 1:31

Captions
By Jeff John Roberts November 7, 2017

The ongoing hacking epidemic is leading people to protect their online accounts—or so you would think. In reality, a study suggests about three quarters of the population are ignoring the most effective way of keeping hackers out of their personal information.

The tool, known as two-factor authentication (2FA), prompts people to enter a text message code or some other piece of extra information when they log in from an unfamiliar computer. This can stop a hacker, even one one who has guessed your password, from getting into your Facebook or Gmail accounts.

But even though security reporters and big tech companies have been preaching the virtue of 2FA for years, the message does not appear to getting through to the general public. According to a survey conducted by the firm Duo Security:

    Only 28% of people are using 2FA at all
    More than half of the respondents (56%) had not even heard of 2FA in the first place

The actual percentage of those is using 2FA is probably even lower as Duo says its sample size of 443 people was more affluent and more educated than the general population.

It’s also notable that 29% of the sample are using 2FA began doing so involuntarily—i.e. at the behest of their employer. This means it’s likely a good percentage of those who are using 2FA are doing so for work (for instance to access tools like Slack or remote email) and not for personal accounts like Gmail or Yahoo Mail.

This is discouraging because many most serious cases of hacking and identity theft begin by attackers sifting through victims’ email accounts for other information. (The most famous example is John Podesta, Hillary Clinton’s presidential campaign manager, who was tricked by the Russians into supplying his Gmail password. If he had 2FA turned on, the hackers would likely not have broken in.

In their conclusion, the Duo Security report authors acknowledge the tech and security community need to do more about educating everyday people about 2FA:

    This survey underscores the reality that we as a security community still have a long way to go when it comes to educating the everyday person about proper security behaviors in general and 2FA in particular. We believe the crux of that disconnect is that most people don’t understand the importance of 2FA in helping prevent unauthorized access.

One source of the problem may be the jargon—”2FA” or “two-factor authentication”—used to describe a simple security concept: the requirement for an extra step, such as a text message code, when someone tries to login from an unfamiliar device.

Get Data Sheet, Fortune’s technology newsletter.

It’s also possible companies that offer 2FA, which these days include everyone from Amazon to Facebook, may not be doing enough to bring the feature to their users attention and to encourage them to turn it on.

Finally, here is a graphic from the Duo Security report that shows the respective popularity of different 2FA methods. As you can see, the most popular method is SMS/text messages followed by so-called authenticator apps (such as RSA or Google Authenticator) which display a temporary code. Meanwhile, only 9% of respondents are using security keys, which are even safer than the other methods but require users to carry a physical key like this one.

Duo Security, which produced the report, helps companies manage 2FA for their users. The Ann Arbor-based firm recently gained attention as a so-called “unicorn” (a startup with a valuation over $1 billion), while Facebook’s Head of Security described Duo as his favorite security product.

You can turn on 2FA for Gmail here, for Facebook here, and for Twitter here. See the video above for more information on how to use 2FA.

Sponsored Stories

    Facebook Is Changing The Way We See Translation Facebook Is Changing The Way We See Translation Facebook Code
    4 Things You Need To Know About Breast Cancer Awareness 4 Things You Need To Know About Breast Cancer Awareness Beauty Bakerie

Recommended by
SPONSORED FINANCIAL CONTENT
Where is the clever money going?
MarketViews
Latin America’s Renewable Energy Revolution
LatAm Investors
Actively Riding the Wave of ‘Creative Disruption’
Allianz Global Investors
The Risk of Doing Nothing
Waverton
“Central Bankers Face a Crisis of Confidence as Models Fail”
RMG
You May Like
Tech
AT&T's Chief Financial Officer Doubtful About When the Time Warner Deal Will Close
Tech
These Are Best Buy's Black Friday Deals on Apple iPad, Microsoft Xbox One S, Google Home, and More Tech
Tech
Data Sheet—At Long Last, Flying Cars Are on the Way (Probably)
Tech
Why Russia Might Still Block Facebook Next Year
Tech
Amazon Cloud Cam Review: Home Monitoring in an Affordable Package
Tech
Facebook Is Asking Users to Send Nudes. For a Good Reason
Stories From
The Embarrassing Problem Holding Back Tesla’s Model 3
oilprice.com
Millennials Are Killing Goldman Sachs
dealbreaker.com
Ken Griffin And The Art Of The Revenge Hire
dealbreaker.com
India, China, U.S., Complain Of Venezuelan Crude Oil Qua...
oilprice.com
Kinder Morgan Warns About Trans Mountain Delays
oilprice.com
Read More
Tech
The FBI Can't Open the Phone of the Texas Church Shooter...
Briefing
Yahoo's Marissa Mayer Subpoenaed to Testify Before Senat...
Entertainment
How to Spot the Netflix Email Scam Hitting Millions of S...
Before You Apply For a Credit Card, You Must Visit Compa...
Compare Cards
Tech
Kaspersky Struck References to 67 'Tech Partners' Like A...
Subscribe & Save
Subscribe today and save 79% off the cover price.
SUBSCRIBE NOW
Sign Up for Our Newsletters
Sign up now to receive FORTUNE's best content, special offers, and much more.
SUBSCRIBE

    40 Under 40
    100 Best Companies to Work For
    Fortune 500
    Global 500
    Most Powerful Women in Business
    World's 50 Greatest Leaders
    World's Most Admired Companies
    All Rankings

    Home
    Automotive
    Careers
    Design
    Energy & Environment
    Executive Travel
    Finance
    Commentary

    Health
    International
    Leadership
    Luxury
    Markets
    Most Powerful Women
    Retail
    Sports

    Technology
    The Ledger
    Venture
    Photography
    Podcasts
    Videos
    Newsletters
    Magazine

    Fortune Knowledge Group
    Fortune Data Store
    Fortune Conferences
    TIME Health
    Customer Service
    Site Map
    Privacy Policy
    Advertising

    Subscribe
    Give a Gift
    Ad Choices
    Terms of Use
    Your California Privacy Rights
    Time Inc. Careers

© 2017 Time Inc. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy (Your California Privacy Rights).
Fortune may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: http://www.djindexes.com/mdsidx/html/tandc/indexestandcs.html.
S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions.