
Two factor authentication (2FA) helps stop fraud
YawLes
Posted 6/13/2016 17:56 (#5352940)
Subject: Two factor authentication (2FA) helps stop fraud


They're out there - guessing your mother's maiden name, your home town, your high school mascot. These are all easy answers for the hacker that really wants your information. Sidney Blumenthal, a highly-placed advisor to the Secretary of State's office a few years ago, had his e-mail hacked when an Eastern European hacker by the name of Guccifer easily guessed Blumenthal's secret answers simply by researching Blumenthal's known information on Facebook, LinkedIn, etc.

Enter two factor authentication (2FA) - which many of the major web-sites now offer. Two factor authentication is fairly simple, yet stops almost every hacker out there, because 2FA requires the person logging in to provide:

1.) Who you are (your user name)
2.) What you know (password, PIN, etc).
3.) Something you have - this is where things get interesting.

The best 2FA to use is your cell phone. This requires you, each time you log in, to have your cell with you and enter the contents of a text message you will receive when you are logging in. A majority of these 2FA's have a set time limit as to when that text message needs to be entered into the log-in before the log-in attempt is closed. This is also handy if someone is trying to hack your account, as you will suddenly start getting text messages from Facebook, or the bank, with your response message to be entered, and you know you aren't trying to log-in.

URGENT AND IMPORTANT - don't change your cell phone number until you've updated your account with the new phone number! You will be very, permanently S.O.O.L. if you fail this, as your old cell will be getting the texts, and nobody will be able to give you the information in time.

Also used for 2FA are finger-prints - most new smart phones have finger-print readers built in to them. And, if you need one for a laptop or desk-top computer, there are USB add-ons for less than $20, and replacement keyboards that have the reader built-in. You could also do an NCIS Jethro Gibbs retinal scanner, but those get a tad pricey.

Bank of America offers a "SafePass" card which generates a single-use six-digit key code you must enter into your log-in page. BofA charges $20 for the card.

Another part of the 2FA option is to answer secret questions. But given the example above, those are fallible. If you choose the mother's maiden name, hometown, favorite pet as part of your 2FA, LIE! Yep, LIE, but remember your lie (which catches most liars who can't remember their lies). If you use the maiden name, don't use your mother's, use your wife's, or paternal grandmother's.

One of my clients had a system where administrators needing "God-like" authority over their network servers had a key-fob with a digital read-out assigned to each admin. The alpha-numeric display changed every 60 seconds, and was not hackable. The admin would log-in with their username, password and then have 60 seconds to enter the displayed message.


Edited by YawLes 6/13/2016 18:09