k royal, PhD, JD
User or Loser: two factor authentication
By K Royal @HeartofPrivacy | Published | No Comments
This week I have received 5 “congratulations, your email blanketyblank.royal@gmail.com has been created. ” But for two factor authentication, I would be hacked.
Let’s discuss what this is and why you need it.
Two factor authentication means you use two “things” to verify your account. You might use a password plus a security question: standard for banks. Security questions are not the best type for two reasons: 1) the answers are the games you play on social media… where were you born, what was your high school mascot, your favorite teacher, your first car, etc.? And 2) if the questions are obscure enough, you forget the answers. My first pet could be the first one I know of (my parents’ dog), the first one they got me, or the first one I got myself. For kicks and giggles…Who out there doesn’t use his/her mother’s maiden name?
So, other second factors include recognizing a token upon log-in, biometrics, and sending a verification code to phone or email. The latter is my favorite.
Why is two factor (or multi-factor) authentication important? To prevent theft and fraud. Is there anyone who uses a computing device who has not been affected by a data breach, such as Yahoo’s 2 billion email hack? If you think not, you just aren’t aware of it yet.
When passwords are breached, thieves have fun. They have automatic scripts that run your email address (and any usernames in your email, such as account set up notifications) and password against all known bank and credit card sites. Often people use the same password and simple iterations of that password, like password11, password22, etc., on everything. Stop doing that!!
With two factor authentication, you’ll know if someone is trying to hack you and you’ll put a virtual foot up a hacker’s virtual butt… and his/her real fraudulent plans.
Use it or lose.
Leave a Reply