The good ol’ days
Back when all we had to worry about was war and famine, it was far easier to protect your valuables from the prying eyes/hands of others. All of your “stuff” was a physical item or idea and nobody could take those from you by anything other than force. Nowadays it seems that every other day we’re hearing about how millions of people’s accounts have been compromised in some form or fashion. You don’t have to look far to see examples of this (each of these words is a different link to a different “hack” or compromise). Seriously, these are just the results of the last month by googling “compromised accounts”. It’s a growing problem, and it will only continue to get worse.
What can we do?
As far as preventing the compromise in the first place? Very little. Unfortunately, we rely on the nerds on the inside of a company like Facebook or Equifax to make sure their security is up to snuff to prevent hackers and hoodlums from accessing their networks and databases. A breach gives the attackers access to your account information, which they can then use to log in and view your information. HOPEFULLY, that’s all they can do. If the information is clearly visible simply by accessing the database or network, you’re screwed and that company needs to be held accountable for their negligence (if sensitive data is being held).
What we can do, though, is add an additional layer of security that requires your presence AND your password to work properly. Introducing 2FA, or two-factor authentication.
Two-factor authentication is pretty much exactly what it sounds like. Two different types of identification are required before you’re let into an account or application. Rather than explain it, let me show you what it looks like in action.
Protecting my Gmail Account
I pretty much only have a Gmail account to sign up for stuff that requires it. If some would-be attacker compromised my email, they would quickly learn all of my other accounts, and, with access to my email, they could begin resetting passwords for these other accounts and begin systematically ruining my day/week/month. So what should I do to make it a little tougher on these guys? Enable 2FA! The process is pretty straightforward.
- Click on Get Started
- Click Get Started again.
- You’ll be prompted to log into your Gmail account. Go ahead and do so.
- Plug in your cell phone number (this is so they can send you verification codes any time someone tries to log into your account).
- You will be sent a text message with a code. Enter the code.
- Congratulations! You’ve enabled 2FA for your Gmail account.
Great! I have my Gmail account set up with two-factor authentication, now what? Now every time you try to log into your account from your computer or phone, you’ll be sent a verification code to prove that it’s you who is trying to sign in. This prevents just anyone with your password from logging into your account.
More and more sites and applications are offering this service with the compromises coming out en masse recently. If you have a sensitive account or use an app that contains sensitive data, check to see if they offer the service and bug the hell out of them if they don’t. I use it for everything I can: Gmail, banking, this blog, etc.
I recommend checking out Duo, a third-party multi-factor authentication company that integrates with a great many applications that the modern man or woman may use.