Simply put, a username and password are no longer a secure way to access your accounts. Passwords can be easily stolen through a large variety of methods, including standard malware, keyloggers, inspecting packets over unsecured connections, phishing, and so much more. This is the problem that 2FA tries to solve, by adding an extra authentication point to prove it’s actually you. It’s almost like a second super secret password, except this password changes every 30 seconds, and only you have access to it, sometimes through a physical device such as a phone or a USB Security Key.
Another option that can be used as your second authentication point, or your “second password”, is a USB Security Key. Instead of typing in an auto-generated code, or receiving an SMS with a code, you use the key. Each security key has an individualized secure chip which performs cryptographic functions, meaning only your key can be used to complete the cryptographic challenge and complete the login process. This gets a little complex the further you delve into it, but know that legitimate FIDO U2F Security Keys are a safe way to authenticate yourself.
It’s important to make sure you buy a legitimate FIDO compliant U2F key. Yubico is a trusted brand in the industry when it comes to FIDO compliant keys. You can purchase a Yubico key on Amazon for fairly cheap.
Popular services that support security keys include Google, Facebook, Dropbox, Salesforce, and GitHub, with others following suit.
Adding a Security Key for Facebook or Google
To set up your Security Key with Facebook, go to your Settings Page > Security & Login > Setting Up Extra Security > Under Security Keys, press Add Key.
To add a security key to your Google account, visit their 2-Step Verification page here > click Add Security Key > and follow their on-screen instructions.
You will have to determine if a security key will work for you. For one, you might have to carry it around wherever you go if you need to sign in on machines you don’t usually use. Secondly, losing a security key can be an issue, especially if you don’t have backup codes or other methods for secondary authentication already in place. If a security key does work for you, it can be a very quick, safe, and easy way to authenticate yourself.
If there’s one thing you can do to make your accounts unhackable, it’s 2FA. Two Factor Authentication, also known as 2FA or two step verification, is an added layer of security known as Multi Factor Authentication. In today’s world of increasing digital crime, 2FA is an absolute must for any high profile online accounts. 2FA doesn’t just require your password, but also an additional randomly generated code that changes every 30 seconds and that you usually access through your phone. This means that if a hacker does get access to your password, they would also need to physically have access to your phone, and your phone’s PIN/passcode/fingerprint, to get in, making any unauthorized access practically impossible. I could practically tweet out my Gmail password, but without physical access to my phone and my PIN, that password is useless. This stops almost all hackers immediately, and renders your account inaccessible to outside attackers.
If you don’t use 2 Factor Authentication, assume that at some point in the future your account will be compromised.
To start using 2 Factor Authentication, you will need the Google Authenticator app. This is the app that will be providing you with your 2nd authentication point. Download for Android or iPhone. Google has since moved away from providing a code, and now prompts you to authorize a login instead, like in the photo above. There are a variety of ways that you can provide your second authentication point: Twitter & Facebook like to send you the code via SMS to your phone, but I recommend the app. You can also use a security key, which we will be discussing in a later post.
- Setting up Two Factor Authentication for Gmail
- Setting up Two Factor Authentication for Facebook
- Setting up Two Factor Authentication for Twitter
- Setting up Two Factor Authentication for Amazon
Most popular websites and services now offer 2FA, and I highly recommend you set it up on any accounts that provide it, especially email accounts, social media, and banking sites.
Check out this neat site, TurnOn2FA.com, to help guide you through turning on multi factor authentication on several popular services.