April 11th, 2017
Hopefully by now you have all your passwords randomly generated, saved inside a password manger, and protected by a secure master passphrase. If not, then you have some catching up to do. Have a read of my previous posts, here [1] and here [2]. It’s ok, I’ll wait.
Now that you’re all caught up, it’s time to step up your security game a notch by protecting your online accounts using two-factor authentication (2FA). The basic idea of which is to use two-factors to gain access. These would be something you know, like your password, and something you have for instance your phone, fingerprint, or retina. This will help secure your accounts as knowledge is easily transferred or guessed. Unless an attacker is gouging out your eyes or hacking off fingers, then even if they do come to know your password, they will not be able to access your accounts.
One of the most common forms of second factor is to use an authenticator app on your phone that will generate a random 6 digit code that has to be used when logging in. Google have an excellent one that is compatible with a whole host of services. Other systems might send you an SMS with a similar code.
While adding 2FA to your accounts might seem like a bit of a hassle, the extra level of security that is gained, far outweighs the effort required.
Need some help?
As always if you have questions regarding two-factor authentication or online security in general, the information security team are always here to help. Check out the InfoSec website [3] and contact 58888help@uoguelph.ca [4] or x 58888 with any security concerns.
Written by: Chris Sowley (Cyber Forensics Analyst, Information Security)
Image Source: Duo Security