Go Two-Factor or go Home
Robert Siciliano
#1 Best Selling Author Cyber Security Speaker Architect of CSI Protection Cert Cyber Social Identity Personal Protection
Logins that require only a password are not secure. What if someone gets your password? They can log in, and the site won’t know it’s not you.
Think nobody could guess your 15-character password of mumbo-jumbo? It’s still possible: A keylogger or visual hacker could obtain it while you’re sitting there sipping your 700-calorie latte as you use your laptop. Or, you can be tricked—via a phishing e-mail—into giving out your super strong password. The simple username/password combination is extremely vulnerable to a litany of attacks.
What a crook can’t possibly do, however, is log into one of your accounts using YOUR phone (unless he steals it, of course). And why would he need your phone? Because your account requires two-factor authentication: your password and then verification of a one-time passcode that the site sends to your phone.
Two-factor authentication also prevents someone from getting into your account from a device other than the one that you’ve set up the two-factor with.
You may already have accounts that enable two-factor authentication; just activate it and you’ve just beefed up your account security.
- Its two-factor is called login approvals; enable it in the security section.
- You can use a smartphone application to create authentication codes offline.
Apple
- Its two-factor works only with SMS and Find my iPhone; activate it in the password and security section.
- Apple’s two-factor is available only in the U.S., Australia, New Zealand and the U.K.
- Twitter’s two-factor is called login verification.
- Enabling it is easy.
- Requires a dependable phone
- Google’s two-factor is called 2-step verification.
- It can be configured for multiple Google accounts.
Dropbox
- Activating two-factor here is easy; go to the security section.
- SMS authentication plus other authentication apps are supported.
Microsoft
- Enable it in the security info section
- Works with other authentication apps.
Additionally, check to see if any other accounts you have offer two-factor, such as your bank (though most banks still do not offer this as described above, but do provide a variation of two factor).
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.
Broker at Kramer Warner Associates
9yThanks for always giving great advise Mr. Siciliano.! Last nite I watched CSI Cyber Crime. The one about the hotel. I attempt to follow all these good steps but the show freaked me out as to how the criminal somehow trunked onto one persons phone and then wrote information seemingly from the good guys phone, faked his "location issues" and some more bizarre stuff. Granted the FBI's Cyber unit has great former black hat hackers from the "deep web'" working for them and could figure it out. From the verbiage that I've been learning - it was totally frightening.
Educating business & individuals about Identity Theft
9yPeople need to take this extra step to protect their identity and accounts !