{"id":55,"date":"2018-03-21T23:22:52","date_gmt":"2018-03-21T23:22:52","guid":{"rendered":"https:\/\/www.shipndestroy.com\/blog\/?p=55"},"modified":"2018-03-22T06:38:28","modified_gmt":"2018-03-22T06:38:28","slug":"the-dance-called-the-two-step-authentication","status":"publish","type":"post","link":"https:\/\/www.shipndestroy.com\/blog\/the-dance-called-the-two-step-authentication\/","title":{"rendered":"The Dance called the Two-Step\u2026..Authentication"},"content":{"rendered":"<p>We are all about protecting our data, but to do so, we need long, complicated passwords that you can\u2019t remember so you write it down or worse, use it on every site.\u00a0 Passwords are a struggle that we endure, but as we touched upon last month (<a href=\"https:\/\/www.shipndestroy.com\/blog\/are-passwords-a-thing-of-the-past\/\"><em>Are Passwords a Thing of the Past?<\/em><\/a>) companies like Microsoft are working to eliminate the need for passwords in lieu of something that is easier for us but still provides the security of a password.\u00a0 This technology is in use today in the form of Two-Step Authentication.<\/p>\n<h1>What is Two-Step Authentication?<\/h1>\n<p>When you enter your username and password into a site to login, that is one-step authentication.\u00a0 If, in addition, to that combo, you are required to do a finger or retina scan, voice recognition or a generated pin number in order to log in, that is your second-step.\u00a0 Both steps are required to gain access and add that level of security we need.<\/p>\n<h1>Number Generation Authenticators<\/h1>\n<p>Biometric scanners, such as retina and fingerprint scanners, can be costly and not foolproof when on a budget.\u00a0 However, there are lower cost method that may be perfect for your business (and your personal security as well)<\/p>\n<p>The first is <strong>USB Authenticator<\/strong> like a <a href=\"https:\/\/www.yubico.com\/store\/\">Yubikey<\/a>.\u00a0 This little device plugs into the USB slot on your device and with a press of a button, it generates a one-time password that allows you to log into your device, website, or whatever you have it setup to work with.\u00a0 In order for someone to hack into your account, it would require them to have physical access to your USB Authenticator.<\/p>\n<p>The second one we will discuss is the Smartphone Authenticators.\u00a0 This is probably the most cost-effective of the two because most people already have a smartphone and all they would need to do is download a free app.\u00a0 The two we most recommend is either the <a href=\"https:\/\/support.google.com\/accounts\/answer\/1066447?co=GENIE.Platform%3DiOS&amp;hl=en\">Google Authenticator<\/a> or the <a href=\"https:\/\/lastpass.com\/auth\/\">LastPass Authenticator<\/a>.\u00a0 Both are free and available for both iPhone and Android, however, we have been quite impressed the authenticator from LastPass.\u00a0 While they both will generate a new six-digit number every 60 seconds, the LastPass Authenticator allows for one-tap password verification where you don\u2019t need to enter the six digits, just hit the green approve button to log in.<\/p>\n<h1>What to Do Next<\/h1>\n<p>You can start by activating two-step authentication where it is available.\u00a0 In many websites, it is not offered by default.\u00a0 Joomla sites come with an unpublished two-step authentication plugin.\u00a0 For WordPress and many other websites, you may be required to download a plugin.\u00a0 Bank websites have started offering it to their clients and many sites like Microsoft, Facebook, Twitter, Google have this feature ready to be activated.\u00a0 A quick search will give your instructions on how to set this up.\u00a0 Using Two-Step Authentication will also help protect you from employees who don\u2019t use strong enough passwords and\/or write them down.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We are all about protecting our data, but to do so, we need long, complicated passwords that you can\u2019t remember so you write it down or worse, use it on every site.\u00a0 Passwords are a struggle that we endure, but as we touched upon last month (Are Passwords a Thing of the Past?) companies like &hellip; <a href=\"https:\/\/www.shipndestroy.com\/blog\/the-dance-called-the-two-step-authentication\/\">More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-55","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/posts\/55","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/comments?post=55"}],"version-history":[{"count":2,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/posts\/55\/revisions"}],"predecessor-version":[{"id":57,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/posts\/55\/revisions\/57"}],"wp:attachment":[{"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/media?parent=55"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/categories?post=55"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.shipndestroy.com\/blog\/wp-json\/wp\/v2\/tags?post=55"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}