facebook linkedin twitter

Computerware Blog

Start Using Two-Factor Authentication Everywhere, Today

Start Using Two-Factor Authentication Everywhere, Today

It can be easy to slack off when it comes to good password practices. Many users still use the same password across multiple sites and often don’t use secure passwords. Password managers make this a lot easier, but it’s really two-factor authentication (2FA) that can make all the difference. Strong, unique passwords are still important (not all accounts offer two-factor authentication) but let’s talk about why you should always enable two-factor or multifactor on all of your accounts when possible.

Getting into my programs or logged onto different websites has been easy enough by using a password management tool, especially since there are settings that can be enabled to remember a specific device. When logging on from a different device, my phone or email is immediately hit with a notification. It’s a PIN, and without the PIN there is virtually no chance of logging in. This might be annoying if my phone isn’t on me and I’m sent a text notification, but let’s be honest, I don’t go anywhere without my phone, it’s my most valuable tool. 

So, you might have tried 2FA before or you might have been endlessly hitting the “ask me later” option that you are prompted with on new software that implemented the additional authentication measures. Whether you decide to use it or not there is one indisputable statement regarding this feature: two-factor authentication makes your accounts more secure. 

What Is Two-Factor Authentication

Even if you haven’t used 2FA, you’ve probably seen it in action. In fact, many sites, like bank accounts, Google, and Facebook might force a type of 2FA on you. If you’ve ever logged into a website from a different computer and then received an email or notification on your phone that a login from an unknown location just happened - that’s two-factor authentication. Albeit, it’s the reactive version that doesn’t do much to prevent others from gaining access to your information. Let’s not rely on being reactive, and look at true two-factor authentication.

By definition, two-factor or multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two pieces of evidence to an authentication mechanism: knowledge, and possession.

Knowledge: This is your password. You’ve memorized it or stored it securely in a password manager. The idea is that only you know it or have access to that information. In events where you don’t know your password, some sites might also accept your full email address or phone number in order to reset your password.

Possession: This is something that you own and almost always have in your possession. This is typically your smartphone, but other methods might have you carrying around a USB thumb drive or an electronic key that generates a random number.

The instantaneous code that is sent provides one more feature. It acts as an informant. If somebody were to log into one of my accounts with my password, I would find out instantly. Even then, they wouldn’t be able to get the PIN from my text message or authenticator app to finish the login process. This tells me I should change my password immediately, but otherwise my account should be safe.

Don’t Assume You are Safe

Enabling two-factor authentication won’t entirely protect you from threats or breaches. If you have two-factor set up on Facebook, Facebook can still get breached and passwords could be stolen. We see this happen all the time, with high profile attacks on large online entities stealing millions of records in a shot.

Following the other password best practices, like using strong passwords and never using the same password on two accounts is critical.

Recently, we saw the launch of Disney+, and it was reported that several thousand users had their brand-new accounts hijacked within hours of the launch of the service. This wasn’t because Disney was hacked; hackers just attempted to log in to steal accounts with emails and passwords they already had from some other data breach. 

Phishing attacks are plaguing millions of inboxes every single day. These attacks replicate the website in which they are impersonating, with a realistic login screen. Users are tricked to go there, fill in their information, and the credentials are directly sent to the cybercriminals.

As previously mentioned, 2FA isn’t the fix-all to cybersecurity. It does however put one more step between you and an ill-willed cybercriminal. Computerware has many more tips to help your business become more secure. If you would like to talk to one of our experts, give us a call at (703) 821-8200. 

A Recent Data Theft Shows Us What to Watch Out For
Examining the Relationship Between Professional Se...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, August 04, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Cloud Software Data Business Management Hackers Hardware Workplace Tips Microsoft Network Security Backup Productivity Business Managed Service Provider Hosted Solutions Productivity Email Malware IT Services Saving Money Efficiency Google Computer Small Business User Tips Collaboration Innovation VoIP IT Support IT Support Quick Tips Smartphones Data Backup Network Mobile Devices Business Continuity communications Microsoft Office Disaster Recovery Data Recovery Gadgets Social Media Cybersecurity Android Upgrade Communication Mobile Office Server Smartphone Phishing Virtualization Miscellaneous Mobile Device Management Ransomware Vendor Management Holiday Outsourced IT Windows Mobile Device Windows 10 Passwords Managed IT Services Apps Operating System Tech Term Users Internet of Things Remote Monitoring Facebook Unified Threat Management BDR Automation Analytics Managed IT services Data Management Mobile Computing BYOD Remote Computing Apple WiFi Windows 10 Training Artificial Intelligence Cloud Computing History Marketing The Internet of Things Browser Save Money Business Technology Firewall Alert Help Desk Encryption Big data Spam App Information Technology Health Bandwidth IT Consultant Office Office 365 Budget Two-factor Authentication Managed Service Content Filtering Gmail Hard Drives Government Access Control Going Green Cybercrime VPN Windows 7 Managed IT Bring Your Own Device Antivirus Maintenance Printer Tech Support Virus Lithium-ion Battery Best Practice Saving Time Recovery Computers Employer-Employee Relationship Retail Information Wireless Technology Cost Management Healthcare Windows 8 Search Outlook Hiring/Firing Computing Remote Work IBM Covid-19 It Management Travel Augmented Reality Phone System Data Security Education Blockchain Hacking Data Loss Update Networking Project Management Money Humor Customer Service Document Management iPhone Conferencing SaaS Wireless Computer Repair Running Cable Proactive IT Storage Website Law Enforcement Customer Relationship Management File Sharing Twitter Compliance Hard Drive Intranet Solid State Drive Data storage Current Events Voice over Internet Protocol PowerPoint Value Mobility Patch Management Flexibility Password Risk Management Administration Hacker Legal Data Breach Save Time Avoiding Downtime Downtime Applications Regulations Wi-Fi Vendor Disaster Company Culture Telephone Systems Hosted Solution Software as a Service End of Support DDoS Social Networking Robot Excel Monitoring Securty Word Management Google Maps Black Market Cortana Social Engineering Vulnerabilities Cryptocurrency Laptop Scam Business Growth Net Neutrality Meetings Business Intelligence Fax Server Digital Payment Private Cloud User Cooperation Router Digital Paperless Office Telephony Virtual Desktop Websites Social Comparison Tablet Sports Machine Learning Trending Pain Points Distributed Denial of Service Documents Mobile Technology Teamwork Heating/Cooling Entertainment Mouse Cost Public Cloud Licensing Uninterrupted Power Supply Solutions Statistics Vulnerability Professional Services Programming IT service Bitcoin Network Congestion Identity Theft Notifications Data Protection Integration Gaming Console Multi-factor Authentication Bluetooth eWaste Telephone Politics Co-managed IT Streaming Media Virtual Reality User Error Downloads Webcam Emails Managed Services Provider Text Messaging Automobile Google Docs Memory Chromebook Experience Redundancy How To Smart Devices Computing Infrastructure Hack Processors Cleaning USB Managed Services Monitors How To Lifestyle Employee/Employer Relationship Chrome Evernote Managed IT Service Office Tips Presentation Video Conferencing Download Virtual Assistant Inbound Marketing YouTube Specifications Safety Computer Accessories Distribution Microchip Taxes Processor Start Menu Tech Terms Unified Communications Settings Browsers LinkedIn Telephone System Regulations Compliance Drones Reading Digital Signature Samsung Emergency Hard Drive Disposal Medical IT Trend Micro Mobile Security IT Assessment Access Employer Employee Relationship Microsoft Excel Security Cameras Threats Software License Trends G Suite Get More Done Computer Care User Tip Proactive Maintenance Multi-Factor Security Remote Working Hacks Physical Security Printer Server Google Drive Windows Server 2008 Navigation Virtual Machine Skype Fraud Tactics Turn Key Archive Devices Permissions Language Spyware Mobile Payment Data Analysis Employees Financial Data Upselling Relocation Tablets eCommerce UTM Content Electronic Health Records Banking Botnet PDF Trojan Music Best Available Keyboard Organize GDPR Point of Contact Managing Risk IT Plan Enterprise Resource Planning Memes switches Writing Video Surveillance Sync Electricity Printing Printers SQL Server Legislation Error Saving ZTime CCTV Tech Hypervisor email scam Addiction Upgrades Domains Accountants A.I. Managing IT Services cache Television Fileless Malware Hybrid Cloud Telework Reliable Computing Public Speaking Holidays Surveillance LiFi Business Metrics Computer Malfunction Remote Workers Harddrive Shortcut Modem Strategy Analytic Migration Connected Devices IT Debate In Internet of Things WannaCry Proxy Server Recycling Azure Wireless Headphones Work/Life Balance Entrepreneur Webinar Time Management Freedom of Information Term Product Reviews Network Management Deep Learning GPS Troubleshooting Corporate Profile Electronic Medical Records Transportation Equifax Fleet Tracking Virtual Private Network Assessment SharePoint Directions Display FinTech Scalability HIPAA Recording Optimization Read Device security MSP Development Visible Light Communication External Harddrive Motion Sickness Environment Nanotechnology Social Network Data Storage Messenger Tracking Competition Tip of the week SSID Desktop Finance IT consulting Electronic Payment Google Calendar Dark Web Free Resource Thin CLient Rental Service Touchscreen News Processing Business Cards Service Level Agreement 3D Ebay Business Owner VoIP Health IT Device Management Startup Asset Tracking Procurement Consultation Wasting Time Business Managemenet Unified Threat Management Backup and Disaster Recovery Organization CIO Cabling IP Address Knowledge Logistics Content Management Virtual Machines Username Advertising Flash Smart Phones Web Server Screen Reader Customer Resource management PCI DSS Staffing Google Wallet Books Workers Application Cyber security Gamification Communitications Windows XP Administrator Human Resources Best Practives Technology Tips Bookmark Society Leadership Supercomputer Fake News Google Play Telephone Service Piracy Upload Displays Adminstration Pirating Information Audit Employer/Employee Relationships online Currency Smart Tech Supply Chain Management Data Warehousing Managing Costs Fiber-Optic Database Micrsooft Worker Microserver Microsoft 365 HTML Internet Service Provider Financial Managing Stress Productuvuty Regulation 3D Printing CrashOverride Personal Information Capital