Thursday, 26 March 2020 13:27

Urging all clients to use 2 factor authentication (2FA)

Written by 
Urging all clients to use 2 factor authentication (2FA)

We are urging all clients to enable "2FA" (2 factor authentication) for any web-related dashboards:

  • Domain registration (e.g. GoDaddy supports it, Network Solutions not yet)
  • Hosting control panel (e.g. InMotion, SiteGround)
  • CMS control panel (e.g. Joomla, Wordpress, Drupal)
  • Newsletter / Subscriber (e.g. Mailchimp supports it, Constant Contact not yet)
  • Google (Analytics, Adwords, Adsense, Webmaster Tools, etc.)

Here's How it Works:

  1. Download the Google Authenticator app onto your smart phone (Google Play, Apple)   
    (An alternative to Google Authenticator is the "Yubikey")
  2. Add the relevant dashboard into your Devices -> Google Authenticator App (scan barcode using smart phone camera)
  3. Sign into the related dashboard, edit your user account, locate the 2FA settings, and type the verification code into your user account.  Save.
  4. The next time you sign in you will be prompted to enter the verification code along with your password. 
    (Tip: don't just assume this works - test it!)

 

 

What is 2FA?

 Two Factor Authentication is an additional security layer that asks for an randomly generated verification code along with your standard username & password.  Since a username & password can be guessed, lost, or stolen, the additional security layer means that without physical access to your phone, a potential hacker still won't be able to get in!  

 

How about 3FA?

Great question!  Any login or set of credentials involves at least one of three of the following: something you know (a username & password), something you have (a phone), and something you are (a fingerprint, retina scan). 

This means that for the highest level of security, you'll have a username & password, a randomly generated verification code, AND a fingerprint/retina scan!  

However, this is not feasable in most situations, which is why we suggest using a combination of two: the username & password PLUS the randomly generated verification code.

Read 72 times Last modified on Thursday, 26 March 2020 14:03
Add comment