Most of us probably have a substantial number of different accounts with various platforms and services. Whether it’s for online banking, e-mail or streaming services, you won’t get far without accounts these days.
Generally speaking, only a password protects these kinds of accounts, including your data, from unauthorized access. Unfortunately, a password alone often does not offer sufficient protection, not least because hackers’ attacks are becoming increasingly sophisticated in the age of artificial intelligence. Thousands upon thousands of passwords can be tried in the blink of an eye, and phishing e-mails often look deceptively real these days.
To minimize these risks, two-factor authentification has become increasingly prevalent over the past ten years. As a supplementary security layer, it makes it harder for an attacker to log into an account, even if they know the password.
Since security is a top priority at Hostpoint, we also offer two-factor authentification. In this article, we explain the significance of this additional security layer and how you can activate it in the Hostpoint Control Panel.
How does two-factor authentification work?
Two-factor authentification (often abbreviated as “2FA”) is an authentication method that offers additional protection for user accounts. In addition to querying the username and password, an additional, second factor is used to verify the user’s identity. This second factor can take completely different forms – it could be anything from a one-time code via text message to the familiar principle of a bank card together with a PIN code at the ATM.
The following table shows the different factors that exist and how they are usually used for authentification:
| Factor | Meaning | Forms (examples) |
|---|---|---|
| Knowledge | Something you know |
|
| Possession | An object that you possess |
|
| Property | Something that makes a person unique |
|
While two-factor authentification is the most widely used method in practice, authentication can be expanded to three or more factors. This is particularly the case within companies or organizations that require a very high level of security, such as certain government agencies or banks. In this case, the umbrella term multi-factor authentication (“MFA” for short) is used.
For some services that handle particularly sensitive data (e.g. online banking), 2FA is often required to use the service in the first place. But even other providers like Google now require users to use the additional authentication step. Consequently, two-factor authentification is at present a permanent fixture in the digital world.
The importance of strong passwords
But two-factor authentification is merely one security measure to protect accounts. People often forget that they only come into play when the first factor (usually the password) has “failed,” i.e. it has been stolen or guessed by an attacker. To prevent this, password security plays a key role. Passwords should be as strong as possible, not re-used, and definitely not written down.
A strong, secure password meets the following criteria:
-
Length: A password should be at least 12 characters long. The longer, the better.
-
Complexity: Passwords should always be a combination of uppercase and lowercase letters, numbers and special characters.
-
No personal connection: The password should not be something that can be associated with you. So don’t use any names, birthdays, places of residence or the like.
-
No words from the dictionary: Passwords should not come from the dictionary. Those can be tried automatically by computers.
-
No common patterns: Sequences of numbers and letters (e.g. 1234, abcdefg) or keyboard patterns (z. B. asdfghj) can be guessed quickly.
An example of a secure password would be aeUzo7d&873BA6qh4u%WS7. According to the official password checker from the Canton of Zurich’s data protection officer, this password is very strong – an attack would take several million years! Since it’s obviously difficult to memorize a password like this, we recommend using a password manager.
A password manager enables you to generate and store complex passwords without having to memorize them. You just need a single password to access the password manager (and ideally a second factor, such as a fingerprint). When selecting a provider, you can look for functions like 2FA and end-to-end encryption (E2EE) with strong encryption like AES-256.
How 2FA is implemented at Hostpoint
Hostpoint also offers customers two-factor authentification for login to the Hostpoint Control Panel. The second factor is a one-time code generated by the authenticator app of your choice (e.g. Google Authenticator, Authy, Aegis).
For security reasons, we emphatically advise all of our customers to use two-factor authentification. You can easily activate it in just a few steps in the Hostpoint Control Panel. All you need is your smartphone and your telephone number.
To activate it, follow these steps:
- Log into the Hostpoint Control Panel using your Hostpoint ID.
- After login, click on “Admin” in the menu.
- Then scroll down on the “Hostpoint ID” page that is now displayed until you reach the “Two-factor authentification” section.
- After clicking “Enable”, you will be guided through the activation process step by step.
Once the activation is complete, you will be asked for the second factor the next time you log in. This means that from now on, you will also have to enter the six-digit code from the authenticator app in addition to your Hostpoint ID and password. If you don’t have access to your smartphone, you can request a replacement code via mail.
To further enhance security, all login attempts to the Hostpoint Control Panel are monitored for suspicious activity. If anyone attempts to log in with your Hostpoint ID from an unrecognized device, you will be notified by e-mail. The login is only approved if the verification code from the e-mail is entered. This is how we provide the best-possible protection against unauthorized access to your account.
Note:
Further useful information on activating and using two-factor authentification at Hostpoint is available in our Support Center. And of course, if you have any questions you can always contact our free Customer Care by phone at 0844 040404 or via e-mail at support@hostpoint.ch.
