Around here, we’re big fans of two-factor authentication for protecting your accounts. But a reader has a question: “I just read your submission regarding changing your password on Yahoo. I now use 2-step verification and receive a text code which allows me more security. I could be wrong, but can a hacker get around that since my cell phone number only shows the last 4 digits of my phone number? Bottom line, is how secure is this procedure?”
Much more secure than not enabling 2-factor authentication. A lot more secure. Could a hacker who was particularly dedicated to getting into your account possibly figure it out using those digits? Maybe, after multiple attempts. But the hacker would probably get locked out first.
The good news is that most hackers are pretty lazy. If they can’t get in right away, they’ll go away. It’s a heck of a lot easier for them to hack into the accounts of the many millions who don’t enable 2-factor authentication.
A dedicated burglar can beat your deadbolt and your alarm system But you are still much safer than you would be without them.