There are those who may think that, because they are not an influencer or do not have many followers, their account has no value for cybercriminals, but hacks of email and social network accounts are the order of the day.
Even if you do not consider that you save valuable information on your Instagram or Twitter account, for example, you should think about the following. In reality, we usually spend a lot of time cultivating our networks, for example, following people we are interested in or saving information such as photographs or texts. Losing it due to a hack represents a great inconvenience not only because of the risk to your personal security, but also because of the hours lost in customizing an account that, suddenly, you can no longer access.
One of the most basic recommendations is to use a different password for each service. Many do not do it because it is a hassle to memorize or save all the different keys. Furthermore, using only the classic username and password presents two types of exploitable vulnerabilities. One has to do with users’ reluctance to generate random or difficult-to-remember passwords. The other, with increasingly sophisticated or powerful attacks by hackers, such as brute force attacks, to guess passwords.
But there is another different method that also exponentially increases the security of our account. This is two-factor authentication (2FA) or multi-factor authentication (MFA).
INCIBE
@INCIBE
Don’t risk it and activate double or multiple authentication factor #2FA #MFA, following these 5 tips 👌 to strengthen 🛡️ your online accounts and avoid 🚫 unauthorized access.
👉 More tips at @osiseguro: https://t.co/hyzRfYc5ge
#SecurePassword https://t.co/o7tRr042i8
April 6, 2024 • 14:02
Four. Five
0
Both methods refer to establishing two or more identity verification methods on your account. That is, in addition to entering with the password, you are asked for at least one additional step to ensure that it is you who is trying to access. This other step can be completed, for example, with a temporary password generated by an app, or by using a biometric device, such as the fingerprint reader or facial recognition system on your mobile phone.
The most used social networks globally have long included the possibility of configuring this level of security, and even encourage the user to do so through notices and reminders. The same thing happens with the main email providers such as Google or Microsoft.
2FA vs Two-Step Verification
Something important is not to confuse two-factor authentication with two-step verification. Two-step verifications typically ask for a password and then a temporary code that is sent to the person via SMS. Their names seem to suggest the same, but this second method is discouraged today. This is because a third party can easily impersonate the official company by sending social engineering messages to obtain user information, as pointed out by the National Cybersecurity Institute (Incibe).
Faced with this, 2FA authentication requires a second step that is much more robust than a simple SMS. This extra layer of security can come in different forms. One is to enter a key generated or saved by a USB authenticator memory, or by an app that generates temporary codes, if we do not want to carry a hardware device. Examples of these apps are Microsoft Authenticator or Google Authenticator. Other forms are data that only the user knows, such as a PIN or answer to a security question, or the biometric data mentioned above.
In summary, the essence of this authentication process is to verify a person using several methods that can be used simultaneously. These are: something the user knows (like the password), something the user has (like a card or app), and something the user is (fingerprint or face).
Set up double factor in your accounts
Some of the platforms and networks that offer to activate this extra layer are: Facebook, Twitter, ManzanaAmazon, Google either Dropbox. To configure 2FA in each of these accounts, you can consult their official guides by clicking on the name of each one.
In addition to these, you can also consult the guides to do the same in your email account. Microsoftin LinkedIn, TikTok, Booking, Twitch, Airbnb, Epic Games, Discord, reddit, Telegram, snapchat, OpenAI either Pinterest.
There are some applications like Uber either PayPal They still offer two-step verification. Although, as we mentioned before, 2FA is more powerful, it is still better than nothing.
The app of WhatsApp, which you probably use every day, also increases account security. To do this, log in and go to Settings > Account > Two-Step Verification. This is an interesting option since, in the event that someone steals your phone, the intruder will not be able to use WhatsApp indefinitely, since at some point it will be blocked and ask for a PIN. It will request this regularly to ensure that you are the one using the app.
Binance
@binance
If you don’t use 2FA, we can’t be friends.
April 6, 2024 • 14:02
3.9K
41
If you want to protect other accounts that we do not collect here, you just have to search the Internet for how to activate 2FA for said platform, and make sure you enter a legitimate link, owned by that company, or published by a recognized medium.
In addition to the code generating apps from Google and Microsoft, there are also the options of using Latch, Duo Mobile or Authy. As a final tip, in addition to using 2FA, try using a password manager that allows you to use different passwords for each website without fear of forgetting them. When using a generator app, keep in mind that you must be very careful if you change your phone or if you want to restore the factory settings on the one you already have. You have to migrate the app to your new mobile or deactivate 2FA. Otherwise, you risk losing access to your account.
