Skip to main content

Securing your account with password only? That’s not enough anymore - Use two-factor authentication

Using userID and password only to login to your account is old method to ensure security to your account(email, bank, facebook, etc.). It has been reported numerous times that passwords can be stolen, leaked, cracked, captured, sniffed & guessed. Bad guys (may be your own people with bad motives) are trying hard to get your password and get into your account to steal data/money/identity/photos.

You need to protect your account with something more than just UserID and password. Strong password is not enough to protect your account and you need to go beyond that to make your account secure.

What is two factor authentication ?
In simple terms you can consider two factor authentication as "Two Locks" for your account. You need to open both the locks before your get into your account. And to open two locks you of course need two separate keys.

Two factor authentication is security process in which you use your userID+Password and physical token. Its "something you know" and "Something you have". E.g. If you wish to login to your email account, your emailID & password is what "You know" and an addition short numeric code(Verification code) that is available on your phone which acts as "You have".




Why two factor authentication?
According to security research, two factor authentication drastically reduces the risk of your account getting exposed or hacked by anyone. Anyone who knows your userID+Password, now cannot open your account unless they enter the code which only you have it(on phone or physical).

Banks, enterprise business, and small/medium business already got this started early on and now lots of online companies provide this feature for free to users to increase level of security around your accounts. Your data & identity is equally important as your bank account, which you don’t wish to loose.

Why anyone cant break into your account with two factor authentication ?
By adding a second lock to your account it gets hard for anyone to crack your account. Numeric code is usually generated every time and it keeps changing. Anyone who has your userID & password also now needs this numeric code to open your account and that’s not with them(unless your phone/device is lost).

Here is a short video on Two factor / Two step authentication from google.



Google Authenticator - An Android and iOS app to generate verification codes on your phone

  • Google provides a generic phone app on android/iPhone for users to setup and use two factor authentication. Install "Google authenticator" from Google Play and follow steps to setup.
  • Note that 'Google Authenticator' is not just for your google accounts, its generic enough to help you setup two-factor authentication for numerous other websites too. A good example here is "Lastpass" which integrates well with Google app and makes your master password/account in Lastpass safe.



Who all provides two factor authentication?
In addition to your bank, lots of companies on web offer it. Google, Facebook, Microsoft, Lastpass, Apple, Dropbox, Evernote, Yahoo, Linkedin and many more. And this is all for free. So go and secure your account now.

Here are some services that support two-factory authentication, with instructions on how to enable it -

  • Google/Gmail - Google provides six digit verification code via sms or by Google authenticator app.  You can enable it by following steps from here - http://accounts.google.com/SmsAuthConfig
  • LastPass - Most important service that you should enable two factor authentication. Here are steps - https://helpdesk.lastpass.com/security-options/multifactor-authentication-options/google-authenticator/
  • Facebook calls it as 'Login approvals' and provides couple of ways to setup. You can get verification code via sms or setup google authenticator or via facebook app itself. See https://www.facebook.com/settings?tab=security
  • For your favorite services apart from above search google or have a look here - http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now

Hope this helps to secure your accounts!

Comments

Post a Comment

Popular posts from this blog

Malls track your visits by Wi-Fi tracking

How does Wi-Fi works ?  Wi-Fi is preferred wireless way of internet connectivity on mobile devices. We connect to Wi-Fi at home/office/cafe/Hotels and public places to get fast internet connectivity and do all stuff using it. Usage of Wi-Fi has spread fast with smartphones/tablets as compared to laptops couple of years back. Wi-Fi uses network name (SSID) and shared-password to connect and that makes it easy for users to get internet without much hassle. Once you connect to a network, your mobile device remembers the network and tries to auto-connect to it whenever its available. Mobile devices store all this Wi-Fi network info and use to auto-connect on periodic basis so as to provide preferred connectivity; and all that happens behind the scene. May be its your android/iphone/blackberry/windows phone/tablet all work same way. Your phone tries to connect to Wi-Fi automatically. You can see list of Wi-Fi networks connected by your device going to settings > WiFi What i
9 comments
Read more

Use Bookmarks for Bank websites!

Online banking is preferred way for bank transactions and we hardly visit bank building. Most banks do provide android/iphone apps  to take it further. Bank websites are here to stay and do provide rich set of services for customers; and here lies the security issue. You need to protect you identity while logging in and prevent using your credentials on any other fake websites. Use browser bookmarks to open bank website: Always visit your bank using a bookmark on your browser. Simple practice can save your money Never search for bank URL in google or any search engine. You may land up in fake website Never search bank website URL in emails, you might open fraudulent email with URL pointing to site that looks similar to your bank. You may end up entering credentials and give away access to hackers Do NOT bookmark 'Sign in' page as it can change, always bookmark main website of bank e.g. https://www.hsbc.co.in, you can then follow the 'Sign in' page from there. Jus
Post a Comment
Read more

10 Ways your computer can get infected by viruses and how to avoid that

Getting infected by Virus on your laptop/desktop is easy as you read below. There is no one good way to be protected against all of them and thus you need to be cautious enough to keep your data and laptop secure. On other hand you don't need to be super paranoid or require geeky skills to be protected - just be aware about your actions and apply common sense. 1. USB/Pen-Drive:  The biggest reason to get infected is using extensively using USB/Pen drives to share data across multiple machines. This is the most exploited method use by viruses to spread and autorun on machines when inserted. This is not restraned only to USB/Pen-drive, but all devices that exposes USB interface to connect to computer. E.g Camera which provides USB to copy photos/videos to your computer, or your mobile phones to copy music/files, Kindle to copy books and external hard-disk that host huge data. Any USB/Pen-drive when connected to computer auto-runs set of files and viruses gets the entry poi
Post a Comment
Read more