Protecting Your Data in a Screen Addicted World
Cyber security is quickly becoming one of the hottest topics in tech. Corporations and nations alike continue to do everything possible to keep their data safe, or at least they should be.
We live in a digitally-addicted world where everything dear is kept on the world wide web and accessible through the devices we stare at all day. We share some of our data with friends, families, and colleagues, while other data is kept private and hoped to stay safe. But does anyone really know what’s safe anymore? Does anyone remember STUXNET, or when Mat Honan from Wired was hacked through social engineering? The answer for the every-day Gmail and Facebook user is likely "no." Using Two-Factor Authentication can help make sure you are the only one deciding if your data is accessible or not.
Two-Factor isn’t new. In 2013, LifeHacker wrote an article suggesting accounts you should immediately receive the security treatment. Gizmodo wrote a similar article in 2014 suggesting everything being enabled with Two Factor.
You can learn all about Two-Factor Authentication here, but diehard Cleveland Sports fan, r/sysadmin contributor and protector of all things networks, Don Willoughby (@dwill) offers some tips on how to employ it below:
@dwill is an NYC based system admin who regularly lugs 27in iMacs on the subway
"Logins that require only a password are not secure. What if someone gets your password? They can log in and the site won’t know the difference between you and the intruder.
Think nobody will guess your 15-character password of mumbo-jumbo? It’s still possible: A keylogger or visual hacker could obtain it while you’re sitting there sipping your 700-calorie latte as you use your laptop. The most popular and common way people get their passwords compromised is through a phishing email. This method tricks the user into giving out his or her password. The simple username/password combination is extremely vulnerable to a number of attacks.
What an intruder can’t possibly do, however, is log into one of your accounts using YOUR phone (unless they steal it, of course). And why would they need your phone? Because your account requires two-factor authentication: your password and then verification of a one-time passcode that the site sends to your phone.
Two-factor authentication also prevents someone from getting into your account from a device other than the one that you’ve set up with two-factor.
You may already have accounts that enable two-factor authentication; by activating it you’ve just beefed up your account security to a whole new level.
With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you'll need to provide two pieces of information - your password and the six-digit verification code that's automatically displayed on your trusted devices.
On your iPhone, iPad, or iPod touch:
- Go to Settings > iCloud > tap your Apple ID.
- Tap Password & Security.
- Tap Turn on Two-Factor Authentication.
On your Mac:
- Go to Apple () Menu > System Preferences > iCloud > Account Details.
- Click Security.
- Click Turn on Two-Factor Authentication.
Google’s two-factor is called 2-step verification. It can be configured for multiple Google accounts and is very similar to Apple’s two-factor authentication.
- Go to the 2-Step Verification page. You might have to sign in to your Google Account.
- In the "2-Step Verification" box on the right, select Start setup.
- Follow the step-by-step setup process.
Twitter’s two-factor is called login verification. Twitter uses a verified phone number and a confirmed email address for login verification.
- Visit your Account Settings page.
- Select Require a verification code when I sign in.
- Click on the link to add a phone and follow the prompts.
Facebook’s two-factor is called login approvals. Login approvals is a Two Factor Authentication system that requires you to enter a code sent to your mobile phone via text message whenever you log into Facebook from a new or unrecognized computer.
- Open your Facebook and go to Account Settings.
- On Security Settings, in Login Approvals click Edit.
- Click Get Started.
Once two-factor verification is enabled Dropbox will require a six-digit security code or a security key in addition to your password.
- Sign in to dropbox.com.
- Click on your name from the upper-right of any page to open your account menu.
- Click Settings from the account menu and select the Security tab.
- Under Two-step verification section, click Enable.
- Click Get started.
Additionally, check to see if any other accounts you have offer two-factor, such as your bank or any other social media accounts. Following these steps will give you an extra layer of security and, along with a pair for Felix Grays, allow you to spend hours consuming your favorite digital content with peace of mind!"