 |
| Google Authenticator |
One of the things that I am most passionate about teaching
people is how to keep themselves safe when it comes to using technology. As
more and more of our personal and financial information are available digitally,
we have to be extra cautious. One of the greatest ways to protect yourself is to know what to protect and how to protect it best.
Recently I had someone try to hack me multiple ways and it prompted me to write
about this week’s topic: two factor authentication.
 |
| Last Pass Authenticator |
You may have seen the option to enable two factor
authentication on a website that you log into but you may not have understood
what that means or why they offer it. The idea is that you have two forms of
identification.
Usually it is something you know, like a password or the answer to a question and something you have on you like your phone. Some people confuse two step authentication where they ask for two passwords or a password and a personal question. Unfortunately, these are two step systems are not much more secure than a simple password because hackers can use social engineering (researching your personal information) to figure these out. The most common two factor authentication is done by having an SMS (text) message sent to your phone. Other two factor options are random number generating authentication apps like Google Authenticator (Android https://goo.gl/sbBxn and iOS https://goo.gl/lvsE1 ) but there are others by LastPass http://goo.gl/P9P1nF and Duo Mobile http://goo.gl/TLVk3D , an automated phone call where the number is spoken; a number sent directly to your phone through a manufacturer push message, or what is known as a Yubikey which is a USB device that provides a unique long string of numbers https://www.yubico.com . While some have argued that SMS (text) as a factor can be broken it is difficult and expensive to do so.
Usually it is something you know, like a password or the answer to a question and something you have on you like your phone. Some people confuse two step authentication where they ask for two passwords or a password and a personal question. Unfortunately, these are two step systems are not much more secure than a simple password because hackers can use social engineering (researching your personal information) to figure these out. The most common two factor authentication is done by having an SMS (text) message sent to your phone. Other two factor options are random number generating authentication apps like Google Authenticator (Android https://goo.gl/sbBxn and iOS https://goo.gl/lvsE1 ) but there are others by LastPass http://goo.gl/P9P1nF and Duo Mobile http://goo.gl/TLVk3D , an automated phone call where the number is spoken; a number sent directly to your phone through a manufacturer push message, or what is known as a Yubikey which is a USB device that provides a unique long string of numbers https://www.yubico.com . While some have argued that SMS (text) as a factor can be broken it is difficult and expensive to do so.
 |
| Yubikey |
Where You Should Use It
The simple answer would be everywhere it is offered but that can be tiresome. Your e-mail is the most important because if someone can get into your e-mail they can lock you out by changing the password and can also use the “Forgot My Password” on other websites to get in and wreak havoc. Then next important would be anything financial: bank, retirement, and
.
If you are interested in knowing more:
Cutts, Matt. Please
turn on two-factor authentication. 8/6/2012. https://www.mattcutts.com/blog/google-two-step-authentication/
Constantin, Lucian. 5
things you need to know about two-factor authentication. 3/31/2016. http://www.pcworld.com/article/3050358/security/5-things-you-should-know-about-two-factor-authentication.html
Franceschi-Biccierai, Lorenzo and Joseph Cox. The Motherboard Guide to Not Getting Hacked.
8/2/2016. http://motherboard.vice.com/read/the-motherboard-guide-to-not-getting-hacked
No comments:
Post a Comment