Securing your online presence – Part 2: MFA

MFA (Multi-Factor Authentication) or 2FA (Two Factor Authentication) is really, really easy to set up and makes your online accounts much more secure. So let’s start with what is it?

For access to an account we usually ask for something your are, something you know or something you have.

Something you are – well that’s you. Your username.

Something you know – this is your password.

Something you have – this is usually your phone. Or it can be a keyring that has a changing string of numbers on it. Or your finger (fingerprint), your eye (retina scan).

How does this help?

Suppose a hacker knows your username and password, then they can log in as you and do whatever I want. If you have 2FA set up though, they can’t, not without your phone (or your eye) to bypass this. If a hacker guesses your password they still can’t log on. If they steal your phone, well they have to guess your password. It makes it so much harder to hack your account.

The easiest one to set up is with your phone. Google, Microsoft and a host of others offer an authenticator app (links below). These generate a 6 digit code that changes every minute. When you log on to your online account, they will as usual ask for your username and password, but also ask for this code (some use the option of instead of typing a code, a prompt on your phone screen will ask if this is you).

To set this up, check with your online provider if they have two factor or multi factor authentication options and if so set it up. Usually you will use the app to scan a barcode on your screen and it’s set up in minutes.

I’ve provided some links below;

Set up 2 factor authentication

Apple ID (icloud)

Gmail

Office 365

Google Authenticator App:

IOS

Android

Microsoft Authenticator App:

IOS

Android

Securing your online presence – Part 1: Passwords

These days everyone is getting hacked. If the CEO of Twitter got his account hacked, you could be next. Well, maybe not.

Often hackers will go for the easiest attacks first. The weak passwords, the poor security. It’s like going on vacation and leaving your door open for a burglar and the alarm off.

What should you do? First use a good password. ‘Password’ is not a good password. Make sure it’s at least 8 characters, more is better, and use a mix of upper case and lower case.

It could be better to use a passphrase, think 4 short words. This is much easier to remember as well. Try remembering ‘8jskTH4^%’. It’s hard, right? What are the ‘^’ symbols even called?

Now imagine a blue bird on a red bicycle. ‘Blue bird red bike’. There, you can remember that. Even better if you go ‘Blu3 bird red.bike’ as it mixes more character types and the number of possibilities for a hacker to try.

XKCD explain it better. And check out part 2 on using 2 factor authentication