Two-step authentication to improve online security
It seems every week we hear about another social media hacking, with some high profile business or celebrity’s Facebook or Twitter account compromised. Unfortunately, you don’t need to be famous to attract the attention of hackers. Everyone is at risk, but thankfully there are things you can do to reduce the chances of it happening to you at home or at work.
What are the best authentication methods?
Authentication is the process of identifying a user who is requesting access to a particular network, system or device. There are a few different types of authentication methods that you likely already use, like a username and password, biometrics (fingerprint or facial recognition) or multi-factor authentication (using a combination of methods to prove your identity online).
The idea of two-factor authentication (2FA) revolves around something you know and something you have. When you withdraw money from an ATM, the something you know is your PIN and the something you have is your bank card. One alone isn’t enough; you need both pieces of the puzzle in order to get your money out.
When it comes to online security, the something you know is your password, while the something you have can be your mobile phone.
How does two-factor authentication work?
Facebook, Twitter, Gmail, Yahoo! and Microsoft lets you register your mobile phone with your account. When you try to log into your account from a new device for the first time, a code is sent to your phone as a text message. You need to enter both your password and the code before you can get into your account. This way, hackers can’t break into your account even if they know the password (well, not unless they can get their hands on your phone as well).
Two-factor authentication might sound like a hassle, but thankfully most services let you remember ‘trusted’ devices so you don’t need to enter a code every time you log in from your own computer. It also means you can set up access for key staff members, knowing they can’t log in from other devices unless you authorise it and supply the code.
Tips for using authentication to protect yourself online
Staying safe online and keeping your data protected is more achievable when you use authentication methods. Here are a few tips you can implement today to start improving your online security.
Install an authenticator app
The device you have will largely determine what authenticator apps are available to you. What these apps do is give you a more secure way to log into your favourite apps and accounts. They generate a time-sensitive, one-off code that doesn’t travel through your mobile network, so even if a hacker manages to get the code, it won’t work after 30 seconds.
When you’re looking for an authentication app, make sure it backs up all your account info and encrypts it, just in case you lose or change phones. Some apps that do this already are Microsoft Authenticator, LastPass and Authy. However, Google Authenticator does not.
Use multi-factor authentication (MFA) wherever possible
MFA asks you to use two or more methods of identification before it will let you log in. Typically this is a combination of your password (what you know), a security token (what you have), and a biometric verification (what you are). This creates a layered defence against any unwanted visitors so that even if one method is cracked, there’s others that still need to be addressed.
Don’t reuse your passwords
This is an important point to remember. Cybercriminals often work on the assumption that most people will use the same password for different websites and accounts, so cut them off at the pass by creating unique passwords for every login you have. Make sure you pay attention to the guidelines for passwords and make them as strong as possible. A password manager can help make this process a little easier.
Use a password manager
You aren’t expected to remember all of those unique, complicated passwords for every website you frequent. But it’s also not a good idea to write them down on paper. Using a password manager can take some of the stress out of maintaining your online security (and your sanity!).
Be extra aware when using public WiFi networks
When you’re out and about in airport lounges, cafes or libraries, be extra careful about what you do online. It’s a good idea not to enter in any passwords when in public as you never know who’s watching. If possible, use a VPN too when logging into your online banking platform for an extra layer of security.
Improve your online security with the Geeks
While two-factor authentication isn’t a magic bullet for online business security, it’s a handy extra layer of defence which might help keep hackers at bay. We’re pros at computer and network security, so give us a buzz on 1300 820 744 and we’ll help you get it sorted!