March 21, 2018

The Dance Called the Two-Step... Authentication

We are all about protecting our data, but to do so we need long, complicated passwords that you can’t remember, so you write them down or, worse, use the same one on every site. Passwords are a struggle that we endure, but as we touched upon last month (Are Passwords a Thing of the Past?), companies like Microsoft are working to eliminate the need for passwords in favor of something that is easier for us but still provides the security of a password. This technology is in use today in the form of Two-Step Authentication.

What is Two-Step Authentication?

When you enter your username and password into a site to log in, that is one-step authentication. If, in addition to that combination, you are required to provide a fingerprint or retina scan, voice recognition, or a generated PIN in order to log in, that is your second step. Both steps are required to gain access, and together they add the level of security we need.

Number Generation Authenticators

Biometric scanners, such as retina and fingerprint scanners, can be costly when you are on a budget, and they are not foolproof. However, there are lower-cost methods that may be perfect for your business (and your personal security as well).

The first is a USB authenticator such as a YubiKey. This little device plugs into the USB slot on your device and, with the press of a button, generates a one-time password that allows you to log into your device, website, or whatever you have it set up to work with. To hack into your account, someone would need physical access to your USB authenticator.

The second one we will discuss is the smartphone authenticator. This is probably the more cost-effective of the two because most people already have a smartphone, and all they would need to do is download a free app. The two we most recommend are Google Authenticator and LastPass Authenticator. Both are free and available for both iPhone and Android; however, we have been quite impressed with the authenticator from LastPass. While they both will generate a new six-digit number every 60 seconds, the LastPass Authenticator allows for one-tap password verification where you don’t need to enter the six digits: just hit the green approve button to log in.

What to Do Next

You can start by activating two-step authentication where it is available. On many websites, it is not offered by default. Joomla sites come with an unpublished two-step authentication plugin. For WordPress and many other websites, you may be required to download a plugin. Bank websites have started offering it to their clients, and many sites like Microsoft, Facebook, Twitter, and Google have this feature ready to be activated. A quick search will give you instructions on how to set this up. Using Two-Step Authentication will also help protect you from employees who don’t use strong enough passwords and/or write them down.