In the last post, we understood the roots of security happening now.

So, obviously, people need somehow to tell subscriber on the other side of the wire they are who they are supposed to be.

In ancient times when DARPA was building the first internet, it appeared that password is the most useful and simple thing for that. I know something others do not know, and that is why that is me. It requires some bytes to store it (at that time it was essential), and you can type it on the keyboard. What could be better?

Apparently, there are other things, not better, but others, that we can use to prove our identity.

• Again, first one is something you know. Password, for example.

• It is biological attributes (retina, palm print, fingerprint and so on). It is "Who are you?". It is built-in in everyone of us by default. We recognise others just by looking at their face or hearing for their voice.

• And it is something you have, but others do not. The physical key, token, telephone with SMS messages on it etc.

All three have their pros and cons.

With time, when technology evolved, and we learned to quickly and reliably scan biological attributes and managed to give everyone something, so they have it, to improve security, we started mixing those things to eradicate their inherent flaws. And here on stages comes 2 Factor Authentication (2FA). It is always two our of three above. For example, password (something I know) and fingerprint (something I have).

Use everywhere possible 2FA. It makes it much harder to steal your identity.