Does two-step authentication stop these forms of attack?
Yes.
The best form of two-step authentication is to use a phone number because it’s something you physically require that they couldn’t get their hands on.
If you use an e-mail, I would suggest creating a new e-mail specifically for 2FA, and don’t use it ANYWHERE. Make sure the e-mail itself is random and has no relation to you at all, as well as the password. If you only ever use it for 2FA there is no trace of it online, so they wouldn’t know what e-mail to try and get into. It blurs the e-mail when it asks to send a code to it for 2FA, so they wouldn’t see what it is even if they were trying to log into your account and got prompted to verify with the 2FA method you have set up.
Some also work as QR codes. You download an Authenticator app (Microsoft/Google both offer a universal one in the Apple Store/Play Store) and then scan the QR code on screen; whenever you want to log in you just open the Authenticator app and it’ll have a randomized code for you to put in (it consistently resets like every 10 seconds).
Using 2FA will allow you to mark a computer or device as safe, so you won’t be required to do it every single time you log in on your home computer or phone.