Skip to content

Tag: 2FA

Passwords are NOT Enough…

With all the upheaval in the online world over these past few years and many people moving around to different social networks, I wanted to take the time to offer some advice that may have slipped many people’s minds.

Keeping your accounts secure by way using multiple factors for authentication or multifactor authentication.

When we are talking about multifactor, there are four factors:

  • Possession. Something you have, such as a key, bank card, door access card, USB token.
  • Knowledge. Something you know, such as a password or PIN.
  • Inherent. Something you are, refers usually to biometrics such as a fingerprint, retina scan, behavioral observations such as key press intervals, etc…
  • Location. Somewhere you are, your location validated by GPS or some other location verification process.

When you get home, you usually use a key to unlock the door. That’s the possession factor, something you have. Even if you have two different keys, one for the door handle and a different key for the dead bolt, it’s still a single factor for access to your home.

When you access your bank funds at an ATM, you are using two different factors to gain access to your funds. You use something you have, your bank card and something you know, your pin. You an not access your funds without having both those factors.

This is more secure as it’s more than just something you have such as your keys. You can’t access the account at the ATM unless you have both factors.

So let me ask this rhetorical question of everyone. Why do most of us only use the single factor of something we know, a password, to access that same bank’s website? Or how about your Amazon account? What about your social media account?

The digital age has resulted in so many different logons we have to use that we have all opted for convivence. All those accounts means that would also mean that you would have to remember a lot of different passwords.

We all know that many of us don’t use separate passwords with each account. With security breaches a common place occurrence in the past year, a password compromised for one account lends to many accounts being potentially compromised.

That is a serious problem. What you can do to protect yourself? You need to use two different factors for access.

First, for that something we all know, passwords, use a password manager. Password managers allow you to keep a secure and easily accessible listing of all your online accounts. Most support the ability to create a random password for each account entry, thus helping to reduce your exposure to the pitfall of using the same password everywhere.

There are many password managers out there. Most of the better ones out there will have both a desktop and smartphone versions. Features you want to look for are of course ease of use, encryption of the database that is stored on your computer/smartphone and ability to create random passwords for you.

Second. Enable two factor authentication or 2FA on as many services that support it.

For online accounts, this is how 2FA works. Typically after you have entered in your userid and password, the something you know, you will be prompted to enter in a code. This is the very clever bit. That code is only good that one time. After you use this code, it’s no longer valid. Some 2FA code systems put a time limit on that code of just a few seconds and then it’s no longer valid.

These codes can be generated by a physical token that was provided to you from the service you are accessing, a code sent to you by text message or email or a randomly changing code from an authentication app on your smart phone such as Google Authenticator, Microsoft Authenticator, Authy or one of many others available.

To enable 2FA for your online accounts you would typically look in the account security settings. If you can’t find it there, hit up the tech support section of that service or reach out to customer service and ask about enabling two factor authentication on your account.

Yes, using 2FA for your online accounts adds another step to logging onto a service and many people don’t like to spend the extra 30 seconds to use 2FA.

I ask you this, which is more of a hassle? Taking the time for an extra logon step or being the victim of identify theft?

Security is more important today than ever. Take the time to make 2FA second nature for your online experience. It’s well worth the effort.