Josselin Dionisi - Freelance developer

Why is dual authentication (2FA) important?

ionicons-v5-k Josselin Dionisi Jun 10, 2021
112 reads Level: Beginner

The what? What's this now?
No, I'm sure you've already heard of it. Double authentication, often referred to under the acronym 2FA (for 2 Factors Authentication), is the principle of requiring 2 proofs of identity from a user to connect to a site, app or service.

So here's a scoop: you've all used this before, and for a very long time. And yes, when you withdraw money from a cash dispenser (or make a contact payment with your bank card), it's 2FA. You use your card itself, with its number and chip, then enter your 4-digit code.


How double authentication works

On a website or app, the principle is the same: you're asked for your classic email/password, but before actually logging in, you're asked for another verification. You're either sent an email, an SMS or asked for a randomly generated code.

In short, there's what happens on the site in question where you're trying to log in, and what happens on a third-party site. The advantage of separating these actions is to limit identity theft, since the hacker would need to have access not only to your e-mail/password pair, but also to your e-mail box, phone number or e-mail address.The advantage of separating these actions is to limit identity theft, since the hacker would need to have access not only to your email/password pair, but also to your email box, your phone number or another app on which you are authenticated in a different way (yes, I see you, don't you put the same password on all your apps?).


Example of 2FA use

Applications such as Authy and Google Authenticator let you manage your 2FA on various platforms. Most social networks, for example, allow this configuration.
These will generate a continuous ephemeral code and display it each time you open the app. If you try to connect to a platform where 2FA is enabled, you'll be asked to enter this code to confirm your attempt.

2FA Twitch

Trying to connect to Twitch with 2FA enabled

Authy application

The Authy application, 2FA manager

Okay, that's all well and good, but what if I want to add 2FA to my website or app?
Of course, and that's the subject of the second part of this article, in which we'll show you how to implement this system in our products.


At a time when people are increasingly teleworking and shopping online, it's important to certify the identity of anyone logging on to one of your services.