Two-Factor Authentication handout for learners
We created a double-sided handout that includes need-to-know information about using Two-Factor Authentication (2FA). Facilitators should expect to walk through this handout with learners. We recommend distributing these handouts toward the end of a workshop on Two-Factor Authentication, to give learners an opportunity to reflect on what they learned.
This Two-Factor Authentication handout is best paired with lessons on passwords, password managers, and two-factor authentication. It includes an introduction to the concept of two-factor authentication (something you know [passwords] and something you have [a device or object you carry with you]). Learners are encouraged to first learn about passwords and password managers before filling out the information on this handout.
We are iterating on this handout, based on testing with participant in workshops, feedback from beginner teachers, and advice from digital security practitioners.
How to teach this handout:
The front of the handout gives an overview of what two-factor authentication is, as well as the good and bad aspects of two-factor authentication methods, including SMS, authentication apps for mobile devices and tablets, and security tokens.
The back of the handout is for learners to fill out: this can be done at the learners’ home, or in a workshop with the facilitator’s guidance. The learner is encouraged to visit resources like EFF’s 12 Days of 2FA, or the website https://twofactorauth.org, to find information on how to enable two-factor authentication for a service. The learner can use the provided chart for keeping track of services that they use that offer 2FA, and for keeping track of what method of 2FA they enabled for that service. On the right-hand column, learners who want to further their account security can do so by following the instructions, such as enabling sign-in monitoring, having backup plans for travel, backup codes, and so on.