PROJECT: TWO-FACTOR AUTHENTICATION

PLEASE SHARE THIS PUBLIC DOCUMENT

In an era of escalating cyberattacks, security experts are issuing an urgent plea to the public:

the age of the password alone is over.

The key to personal digital safety now lies in a simple, free, and highly effective tool called Two-Factor Authentication.

Two-factor authentication (2FA) is a security method that requires two distinct forms of identification to verify a user's identity for access to an account or system, typically combining something the user knows (like a password) with something they have (like a phone or authenticator app). This added layer of security makes accounts much more difficult to compromise, even if a password is stolen, by requiring a second, independent verification step for access.

DEFINITION:

• Imagine your home is protected by two locks: a standard key lock and a unique fingerprint scanner.

• A thief might copy your key, but without your fingerprint, they are stopped in their tracks.

• This is the core principle of Two-Factor Authentication (2FA).

• In the digital world, 2FA adds that crucial second "lock" to your online accounts.

• It requires two distinct types of evidence to verify your identity:

  • Something You Know: Your password.

  • Something You Have: A physical item in your possession, like your smartphone, a security key, or a code generated by an app.

• "Passwords are fundamentally vulnerable," explains Dr. Anya Sharma, a cybersecurity professor at Northwood University.

  • "They can be stolen in data breaches, guessed by hackers, or tricked out of you through phishing. Two-factor authentication creates a dynamic defence. Even if a criminal obtains your password, they hit a wall without that second, time-sensitive factor."

HOW IT WORKS:

• When you try to log in, you provide your password (the first factor).

• Then, the system prompts for a second factor, such as:

  • A code from a text message (SMS): sent to your registered mobile phone.

  • A code from a mobile authenticator app, like Google Authenticator or Microsoft Authenticator.

  • A push notification: on a trusted device that you have approved.

  • A passkey: for account sign-in.

  • Biometric data, like a fingerprint or facial scan.

BENEFITS OF 2FA:

• ENHANCED SECURITY:

  • Significantly strengthens account security by requiring two independent factors, not just a password, which can be stolen.

• PROTECTION AGAINST CYBERCRIME:

  • Makes it much more difficult for hackers to access sensitive data through phishing, spyware, or other attacks that steal credentials.

• VERSATILITY:

  • It can be used to secure online accounts, smartphones, and even physical locations requiring multiple forms of entry.

• CONVENIENCE:

  • Modern methods, like authenticator apps and push notifications, are often more convenient than older hardware tokens that could be lost.

COMMON TYPES OF THIS SECOND FACTOR INCLUDE:

• A TEXT MESSAGE (SMS) CODE:

  • A code is sent to your phone via text.

• AN AUTHENTICATOR APP:

  • An app like Google Authenticator or Authy that generates a temporary code on your device.

• A BIOMETRIC SCAN:

  • Using your fingerprint or face ID on your phone or laptop.

• A PHYSICAL SECURITY KEY:

  • A small USB or Bluetooth device that you plug in or tap.

• While SMS is common, security experts increasingly recommend using an authenticator app or security key, as they are more secure against SIM-swapping attacks, in which a hacker hijacks your phone number.

A SURGE IN ATTACKS MAKES 2FA ESSENTIAL:

• The push for widespread 2FA adoption arises as data breaches and identity theft hit record highs.

• Recent reports from the FBI's Internet Crime Complaint Centre show billions lost to online fraud, much of which could have been prevented by stronger authentication.

• "Cybercriminals are automated and relentless. They use bots to test billions of stolen username and password combinations on popular sites like Facebook, Google, and banks—a tactic called ‘credential stuffing'," says Mark Chen, CEO of a digital security firm. "Enabling 2FA stops these attacks in their tracks. The bot has the password, but it does not have your phone."

A STEP-BY-STEP GUIDE ON HOW TO SET UP 2FA:

• Setting up 2FA is a straightforward process that takes just a few minutes per account.

• The steps are generally similar across most major platforms.

• GENERAL GUIDE:

1. LOG IN TO YOUR ACCOUNT:

• Go to the website or app for the service you want to secure (e.g., Gmail, Facebook, Apple ID, your bank).

2. NAVIGATE TO SECURITY SETTINGS:

• Look for a menu labelled "Security," "Privacy & Security," or "Account Settings."

• This is often found in your profile menu.

3. FIND THE 2FA OPTION:

• Search for an option called "Two-Factor Authentication," "Two-Step Verification," or "Multi-Factor Authentication."

4. CHOOSE YOUR METHOD:

• You will typically be presented with options.

• For the strongest security, choose "Authentication App" if available.

5. FOLLOW THE ON-SCREEN PROMPTS:

• If using an Authenticator App: The site will display a QR code. Open your authenticator app (e.g., Google Authenticator, Microsoft Authenticator, Authy), scan the code, and enter the 6-digit code it generates to confirm.

• If using SMS: You will enter your phone number, receive a text code, and enter it to verify.

6. SAVE BACK-UP CODES:

• Most services will provide a set of one-time-use backup codes.

• Print these out or save them in a secure place.

• These are your lifeline if you lose your phone or authenticator device.

PLATFORM SPECIFIC STARTING POINTS:

• GOOGLE (Gmail, YouTube):

  • Visit your Google Account > Security > 2-Step Verification.

• APPLE (iCloud, App Store):

  • On your iPhone: Settings > [Your Name] > Password & Security > Turn On Two-Factor Authentication.

• FACEBOOK:

  • Settings & Privacy > Settings > Security and Login > Use two-factor authentication.

• MICROSOFT (Outlook, Xbox):

  • Visit your Microsoft Account > Security > More security options.

• BANKS AND FINANCIAL INSTITUTIONS:

  • The process varies, but look for security settings within your online banking portal or mobile app.

  • Many now require or strongly encourage it.

THE FUTURE IS PASSWORD-LESS:

• The industry is already moving beyond 2FA towards a "password-less" future, where biometrics and security keys replace passwords entirely.

• But for now, enabling two-factor authentication remains the single most effective step an individual can take to protect their digital identity.

"It's no longer a feature for the tech-savvy; it's a basic necessity for everyone.

Taking five minutes today to enable 2FA on your email and bank accounts can save you from a catastrophic hack tomorrow.

It’s the digital equivalent of locking your front door—and then adding a deadbolt."

INTERVIEWS:

East Coast Radio

6 October 2025

SARS eFiling hijackings linked to public Wi-Fi

Anthony Boucher, head of the Cybercrime Unit at SSS,

says strong passwords and two-factor authentication offer the best protection.

Online:

• https://mikebh.link/3chp6p

PDF:

• https://mikebh.link/2ja9ev

and:

• https://youtu.be/I6Q08ZAAdSE

Specialised Security Services invites the public to the Mike Bolhuis Daily Projects WhatsApp Channel.

This channel is important in delivering insights into the latest crime trends, awareness, warnings and the exposure of criminals.

How to Join the WhatsApp Channel:

1. Make sure you have the latest version of WhatsApp on your device.

2. Click on the link below to join the Mike Bolhuis Daily Projects WhatsApp Channel:

- https://whatsapp.com/channel/0029VarjftF8PgsI4pODE929

3. Follow the prompts to join the channel.

4. Make sure you click on "Follow", then click on the "bell"-icon (🔔)

CONTACT MR MIKE BOLHUIS FOR SAFETY AND SECURITY MEASURES, PROTECTION, OR AN INVESTIGATION IF NEEDED.

ALL INFORMATION RECEIVED WILL BE TREATED IN THE STRICTEST CONFIDENTIALITY AND EVERY IDENTITY WILL BE PROTECTED.

Regards,

Mike Bolhuis

Specialist Investigators into

Serious Violent, Serious Economic Crimes & Serious Cybercrimes

PSIRA Reg. 1590364/421949

Mobile: +27 82 447 6116

E-mail: mike@mikebolhuis.co.za

Fax: 086 585 4924

Follow us on Facebook to view our projects -

https://www.facebook.com/MikeBolhuisOfficial

EXTREMELY IMPORTANT: All potential clients need to be aware that owing to the nature of our work as specialist investigators there are people who have been caught on the wrong side of the law - who are trying to discredit me - Mike Bolhuis and my organisation Specialised Security Services - to get themselves off the hook. This retaliation happens on social media and creates doubt about our integrity and ability. Doubt created on social media platforms is both unwarranted and untrue. We strongly recommend that you make up your minds concerning me and our organisation only after considering all the factual information - to the exclusion of hearsay and assumptions. Furthermore, you are welcome to address your concerns directly with me should you still be unsatisfied with your conclusions. While the internet provides a lot of valuable information, it is also a platform that distributes a lot of false information. The distribution of false information, fake news, slander and hate speech constitutes a crime that can be prosecuted by law. Your own research discretion and discernment are imperative when choosing what and what not to believe.

STANDARD RULES APPLY: Upon appointment, we require a formal mandate with detailed instructions. Please take note that should you not make use of our services – you may not under any circumstance use my name or the name of my organisation as a means to achieve whatever end.

POPI ACT 4 of 2013 South Africa: Mike Bolhuis' "Specialised Security Services" falls under Section 6 of the act. Read more here: https://mikebh.link/fntdpv

SSS TASK TEAM:

https://mikebh.link/2fkmx6

Copyright © 2015- PRESENT | Mike Bolhuis Specialised Security Services | All rights reserved.

Our mailing address is:

Mike Bolhuis Specialised Security Services

PO Box 15075 Lynn East

Pretoria, Gauteng 0039

South Africa

Add us to your address book

THIS PUBLIC DOCUMENT WAS INTENDED TO BE SHARED, PLEASE DO SO.