Thursday, July 21, 2016

Guide: How to enable two-factor authentication to protect yourself from being hacked


How do you protect your photos, messages, and more from being hacked or stolen online? With two-factor or two-step authentication!

What is two-factor authentication?

Two-factor authentication is the most prevalent way to secure your accounts: It asks you to authenticate that you are who you say you are by supplying not only your password, but a unique code supplied from your phone or an external app. It ensures that those accessing your accounts have access to your physical devices as well as your virtual passwords, and makes a simple password crack or social engineering hack a lot more insufficient when it comes to accessing your personal data.


What's the difference between two-factor authentication and two-step authentication?

They're commonly used interchangeably, but two-factor traditionally requires two different types of authentication. That can include something you know (password), something your are (fingerprint), or something you have (Bluetooth dongle). Two step authentication, on the other hand, can use the same type of information delivered by different sources. For example, a code you remember (password) plus a code you're sent over SMS (token).

Two (or more) factors can be more secure, but two steps are typically enough for most online accounts. It's a better version of the old "security questions". It not only helps you avoid needing to remember your random answers, but it also removes the risk of relying on potentially easy-to-find information.

Why is two-step authentication so important?

Passwords are weak, broken, and by all accounts, outdated: Having to remember a random assortment of numbers, letters, and possibly (but not always) other characters can be tough on your memory and easy for attackers to compromise, especially when technology like Touch ID exists. Apps like 1Password or LastPass can help with organizing and memorizing your passwords and even help you create super-long strings, but you're still reliant on a single password to keep you safe. Two-step/two-factor authentication requires two different keys to log you into your account, significantly amping up the level of difficulty for any would-be hackers to access your personal information.
What accounts can I set up with two-step authentication?

Over the past few years, lots of web services and banks have hopped aboard the multiple authentication methods bandwagon — more than we can properly list. The folks over at Two Factor Auth, however, have kindly put together a master list of services that support two-factor or two-step authentication, along with links to how-to documents, what methods of two-factor authentication they support, and how to contact a service you use to request that they implement two-factor authentication.


What if I lose my phone (or have it stolen)?

One of the big fears with SMS or code-based two-factor authentication is the potential loss of your primary authentication device: If you don't have your phone, you can't get SMS messages, et cetera. Thankfully, most services offer recovery keys or special passcodes that can unlock your account in case you don't have access to your cell phone at the present moment. Make sure to write these down in a safe place; I use 1Password's secure notes feature for this, and also store a hard copy in my office.

How do I set up two-factor with my favorite sites/apps?

Hackers are too good, and security systems flawed. Longer complicated passwords created by generators like Safari's iCloud Keychain or third party apps like LastPass or 1Password can help, but the best way to lock down your accounts is to add extra security options for two-step or two-factor (2FA) authentication. Here's how to go about it:

No comments:

Post a Comment