Most users are accustomed to entering a password or pin number in order to access their hardware, preferred apps or vital data. Sadly password databases are frequently leaked, which is why two-factor authentication is so important.
Two-factor authentication (2fa for short) is a useful tool in the battle against hackers and cyber-criminals. Two factor authentication entails confirming a user's claimed identity by utilizing a combination of two of the following three factors:
-
Something you know - e.g. a password or pin number
-
Something you have - e.g. a physical key, usb drive, smart card or smartphone
-
Something
you are - e.g. biometric data (retina scan, fingerprint)
Passwords hacked:
https://afritechnet.blogspot.co.uk/2016/05/bad-passwords-courtesy-of-myspace-breach.html
https://afritechnet.blogspot.co.uk/2016/01/do-not-use-these-passwords-in-2016.html
Smartcards hacked:
http://www.csmonitor.com/USA/2008/0819/p01s01-usgn.html
http://hackaday.com/2015/10/21/smart-cards-used-to-hack-smart-cards/
Biometric data hacks:
https://afritechnet.blogspot.co.uk/2016/07/spoof-fingerprints.html
When combined, any two of the three factors provide a formidable security blanket and act as a useful shield against phishing attacks. This is especially true in the unfortunate cases where the victim has used a compromised password across multiple platforms.
Two factor authentication typically involves a time-limited code uniquely crafted for that particular account when a login attempt is made. Verification codes are sent to the user’s smartphone via text, voice call, or one of the 2fa apps (listed below). Each code can only be used once. https://twofactorauth.org/ has a growing database of websites that support two-factor authentication.
Here
are some easy to use two-factor authentication tools:
Authy
Available
for mobile (Android/iOS) and desktop (Mac/Windows/Linux) operating
systems:
https://play.google.com/store/apps/details?id=com.authy.authy https://itunes.apple.com/en/app/authy/id494168017?mt=8
"Authy makes it really easy to use your smartphone for Two-Factor Authentication with your online accounts. We make it easy and straightforward for anyone to use Two-Factor Authentication."
"Authy helps you enable Two Factor Authentication to protect your online accounts such as Gmail, Facebook, Dropbox, LastPass, Coinbase, Amazon Web Services, and many, many more from hacker"
Google
Authenticator
Available
for Android:
and iOS devices:
"Google Authenticator generates 2-step verification codes on your phone.
Enable 2-step verification to protect your account from hijacking by adding another layer of security. With 2-step verification signing in will require a code generated by the Google Authenticator app in addition to your account password."
FreeOTP
Authenticator
Available
on iOS:
and Android:
“FreeOTP is a two-factor authentication application for systems utilizing one-time password protocols with support for Android (4.0 or later) and iOS (7 or later). Tokens can be added easily by scanning a QR-code or by manually entering in the token configuration.”
"FreeOTP adds a second layer of security for your online accounts. This works by generating one-time passwords on your mobile devices which can be used in conjunction with your normal password to make your login nearly impossible to hack. These passwords can be generated even when your phone is in airplane mode."
*Title image courtesy of http://news.psu.edu/story/393669/2016/02/19/administration/faculty-and-staff-required-enroll-two-factor-authentication
0 comments:
Post a Comment