Have you seen the chilling article by Naoki Hiroshima on how he lost his $50,000 Twitter username through social engineering and old-fashioned hacking?
It is a pretty technical article, but there was something he mentioned at the end of his article that I thought might interest That Online Stuff readers:
“Using two-factor authentication is a must. It’s probably what prevented the attacker from logging into my PayPal account.”
What is two-step authentication?
Two-step (or two-factor as Naoki calls it) authentication is a process where two stages are used to verify the identity of someone logging into a system.
It sounds complicated but it really isn’t. After all, ATMs use two-step authentication – the physical card and your PIN – and we’re all very comfortable using those nowadays.
Online, the two stages of authentication are usually your password and, in most cases, a verification code that is sent to your registered mobile phone.
So, if you set up two-step authentication and wanted to then log into something like Facebook or your Gmail account on a computer other than your normal one, you’d need to enter both the password and the verification code before you can access the site.
Why you should set two-step authentication up
As Naoki mentions in his article, having two-step authentication makes it much harder for people to hack into your online accounts. Let’s face it, we’re perhaps not as good as we could be about keeping passwords secure or hard to guess (hands up anyone who’s ever used the same password for multiple services…) making it much easier for a hacker to get into our online accounts.
With so much personal information stored in these accounts, the more secure we can make them the better. Whilst not perfect, two-step authentication is a great start at making them more secure.
How to set it up
There are a number of different services that offer two-step authentication, and the list below links to the various help pages on how to set them up. Yes, this is time consuming but consider Naoki’s story…a few minutes of your time now or financial hurt down the track? Your choice!
Note: some of these services use Google’s Authenticator app, which is available for iOS and Android.
Have I missed a service that you use, and that has two-step authentication? Let me know in the comments and I’ll update the list.
Online security affects all of us – please consider sharing this tip on staying safer online with as many people in your network as you can.