SECURITY: two factor authentication (2FA)

January 24, 2018

2FA – optional for now, a must in near future

We live and operate in a digital world where security should be our priority number one, but let’s be honest, it rarely is. How many of you have really strong passwords that do not repeat and are changed frequently? I know! It is a painful, boring and time-consuming process. Well, luckily there are services like LastPass and other password management tools that help us simplify it and use our time better, liking chilling at the beach for example:).
Note: to get a premium membership for 1 year free, use this link for LastPass (not guaranteed)

Additionally, to our standard username-password system, it becomes more and more common to use 2FA. That is a Two Factor Authentication (TFA/2FA) process, where one factor is a knowledge of our password and second is access or code from a different source. Those of you with internet bank access, you most likely use SMS as authorisation for your transactions. There are, however, other options such as phone call, hardware token (little dongle provided by banks) or software token generator.

Nowadays, you can secure plenty of online apps and services (such as facebook, google, twitter, etc.) with 2FA. We will see only a growth of its application in near future. I encourage you all, to activate those 2FA as the techniques of breaking into systems are constantly evolving. What do you consider secure today, might be broken tomorrow. So additional layer like 2FA is a good option, for now.

Some of you may have heard of Google Authenticator. It is a software token generator, that spits out numbers that you then use to authenticate your access to particular service or app. It is sort of like getting SMS verification code, but the code is generated by the application instead of receiving it from a 3rd party.

authy vs google auth

Well, before you even touch it, forget about Google Authenticator (GA) and look at Authy. It does the same but much more and trust me, you want that little more. At the bare minimum, GA does not provide backups so if you lose access to it, you will have a lot of “fun” trying to cancel 2FA with services you use and recover your access. I was there, I learned the lesson, so you don’t have to. Here is a full comparison between Google Authenticator and Authy to convince us all. Oh, and it is FREE of course.

 

Additionally, you could also use LastPass Authenticator, but that one works on mobiles only at the moment of writing this post. Lastly but not least, there are several others 2FAs available, so do your research and chose the one suit you the best. Authy kills it for me now. Also, if you haven’t check out that LastPass password manager – I am sure you will love it and if not, I want to hear more from you.