EightCyberSecurityTips: Use 2FA / MFA everywhere
Two-factor authentication (2FA) or multi-factor authentication (MFA) is a second or additional way of proving that you are allowed to access an online account.
Traditionally we have used a single method of authenticating to log in to our accounts, usually a password. But there are several problems with a single authentication approach:
🔵 Humans are not very good at creating "good" passwords: they are usually far too easy to guess and are reused across multiple accounts.
🔵 The suppliers of these online accounts are not very careful with our passwords. They often store our passwords insecurely and then give them away to the cyber criminals in a data breach.
🔵 The cyber criminals are very good at cracking easy-to-guess passwords, using phishing emails to fool us into giving them our passwords, or buying lists of breached passwords.
Not using 2FA is a bit like locking your front door, and then putting the key under the outside doormat.
With 2FA / MFA, in addition to knowing the account password to log in, you need a second way of authenticating. It's a bit like having two locks on your front door with different keys.
The most common 2FA method is to use an app on your mobile that generates a six-digit PIN code, which changes every 30 seconds.
How does this help?
Well, now just having the account password is useless (and having just the ever-changing PIN code is equally useless).
The cyber criminals or hackers need to crack, buy or steal your password and also have access to the 2FA app on your mobile phone in order to log in to your account. You have made it a lot harder for the criminals to get into your account.
2FA isn't infallible: there is a method called session hijacking that the cyber criminals can use. But it's much, much safer than just using a password.
Which accounts should you use 2FA on? Email is the main one. If a hacker can get access to your email, they can then easily break into all your other accounts (that's a subject for another post). Anything with access to your money is another one to protect (eBay, PayPal, Amazon, etc.). And social media accounts: the hackers love those as well, as they can then scam your friends.
What 2FA app should I use? My favourites are Google Authenticator, Microsoft Authenticator, or Bitwarden (a Password Manager) to store and generate the 2FA codes.
So, if you are not using 2FA / MFA you really should start using it straight away. It's an easy way to improve your security with no or minimal cost.
Chris
#TheAntiVirusGuy and
#TheDataBackupGuy and
#ThePasswordGuy
—
A bit about me:
💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.
💻 Really good anti virus (SentinelOne £16 or ESET £4 or £8 per month)
💻 Buzz Ambassador