Geek secrets: How to get better security than passwords alone

Take a long, hard look at your friends, loved ones and colleagues.

Do some of them not seem to struggle as much with computer security issues as you do? Do you find that *you're* the one who gets hacked, and they seem to get away scot-free?

Well, it may be that they know a geek secret.

Fortunately, you don't have to be a geek to know a geek secret. But you do have to keep a close eye on how geeks protect their systems, and learn lessons about how you might do the same.

With that in mind, here is a tip that the geeks know about - but of which, sadly, many computer users are still clueless.

How to get better security for your online accounts than with passwords alone.

Find out below, or watch my latest video to learn more:

Two-factor authentication (2FA), also sometimes referred to as two-step verification or login verification, is an extra layer of security that you can enable on a long, long list of websites.

You see, normally you access your online accounts by proving that you know something: your password. That's all very well, but people get careless with passwords: they get phished, share them with a colleague, re-use them on multiple websites, or simply make them easy to guess or crack.

What 2FA does is take security one step further. Rather than simply asking you to prove what you know (your password), a site with 2FA also wants you to prove what you have in your physical possession.

Twitter 2FA

The idea is that although a hacker might be able to steal or crack your password from the other side of the world, chances are that they will find it a heck of a lot harder to gain physical access to one of your possessions. And, when it comes to protecting against hackers, anything which makes their lives more difficult increases the chance that they will simply move on and look for an easier target.

So, a website account which has 2FA enabled doesn't just ask you for your password, it also asks you to prove that you have a device in your physical possession by - for instance - entering a randomly generated number that has been sent to your mobile phone, or displayed by a smartphone app. With some sites, such as some banks, you may even have been given a hardware token that will generate the number.

This makes life much trickier for the bad guys trying to break into your account, because even if they have determined your password they won't know the magic number that changes every 30 seconds or so.
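The article does not name the algorithm behind the changing number; authenticator apps commonly use TOTP (RFC 6238), which derives each code from a secret shared with the site and the current 30-second time step. The sketch below is an added example, not code from the original post: the key and timestamps are RFC 6238's published test values, and the `totp` and `verify` names, the drift window and the replay check are illustrative assumptions.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds a code stays current
DIGITS = 6   # code length shown to the user

# RFC 6238 Appendix B test key (public test value, never a real secret).
RFC_TEST_KEY = b"12345678901234567890"


def totp(secret: bytes, unix_time: int, digits: int = DIGITS) -> str:
    """Code for the time step containing unix_time (HMAC-SHA1 variant)."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret, submitted, unix_time, window=1, last_used_step=None):
    """Server-side check. Returns the matched time step, or None.

    window: neighbouring steps accepted on each side to absorb clock drift.
    last_used_step: step of the last accepted code; anything at or before
    it is refused so a captured code cannot be replayed.
    """
    matched = None
    for drift in range(-window, window + 1):
        t = unix_time + drift * STEP
        if t < 0:
            continue
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(totp(secret, t).encode(), submitted.encode()):
            matched = t // STEP
    if matched is None:
        return None
    if last_used_step is not None and matched <= last_used_step:
        return None
    return matched


if __name__ == "__main__":
    code = totp(RFC_TEST_KEY, 1111111109)
    print("code shown on the device:", code)
    print("two seconds later, next step, drift allowed:",
          verify(RFC_TEST_KEY, code, 1111111111))
    print("same code with no drift allowance:",
          verify(RFC_TEST_KEY, code, 1111111111, window=0))
```

A larger `window` tolerates more clock drift but also lengthens the time a stolen code remains usable, which is why the replay check matters.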

Google authenticator

2FA isn't entirely foolproof. There are sophisticated attacks that determined attackers can use to try to crack into even the accounts which are protected with two-factor authentication. But it does make it so much more difficult for attackers to successfully compromise your online accounts that the vast majority simply will not bother.

And that has to be good news.

For a great list of websites that support 2FA in various forms visit twofactorauth.org.


5 Comments on "Geek secrets: How to get better security than passwords alone"

Bob
February 15, 2016 8:06 pm

Sorry to point this out but 2FA is not the same as 2SV.

"The difference between two-factor and two-step authentication."
https://paul.reviews/the-difference-between-two-factor-and-two-step-authentication/

Tom
February 17, 2016 1:01 pm

I wish there was an option for those of us who do not have smartphones.

Frank
February 17, 2016 6:25 pm

Use WinAuth (https://winauth.com/) for Windows, and OTP Manager (http://www.stickybit.nl/apps/otpmanager.html) for Mac.

Bob
February 18, 2016 12:25 pm

There are also Chrome-based plugins for Linux that allow TOTP.

Plenty of other ways, Tom, to increase your security:

You can use 'dumb' 2SV – e.g. get Google to call your landline/mobile with an authentication code; i.e. an automated voice calls you with an OTP.

Use something like the YubiKey.

Some websites support printable grid matrices.

(Other methods are available).
