Account security

2FA

Account Security (2FA / MFA / Backup Codes / E-mail recovery)

 

The reason you want to enable 2FA is to prevent to let some stranger or hacker access your account, when they've retrieved or guessed your password.

 

What you should do is put an extra layer of protection so you can prevent this, and that you're certain, only you can access your account and nobody else, by the means of:

  • sms (not to be used when you're an high level target)
  • code
  • backupcode
  • backup emailadres
  • hardwarekey

 

To enable 2FA for the most common website, read on for the link 2fa tutorial.

 

Hackers or people with bad intentions do this via:

  • Phishing mails
  • Wachting over your shoulder
  • Gain access via an unpatched computer
  • Reading your password.txt / Excel file
  • Guessing your password > Brute Force Dictionary Attack.
  • Look in a Database if your current password is the same of the hacked account. This does not mean you were victim then, but re-using old credentials can get you in trouble.

 

I'll be providing some options and where to find them.

 

Want to know more?

 

2FA (Two factor authentication) MFA (Multi Factor Authentication)

 

 

 

 

 

 

Alternatieve Authenticator:

 

Previosly mentioned three, are a in the form of an app that provides you the 6-Digits code to enter when you log into your account with your username and password.

  • SMS Authentication
    • Can be used without an app, but is not so secure (SIM-Swapping), and goes plain text over the network.
  • Back-up codes
    • Alway's generate back-up codes, and sent them to your private e-mail (just make sure, 2fa is enabled on that account
  • Alternative e-mailadres
    • Make sure you've got a second e-mailaddress where the authentication code can be send to in case you loose your phone.

 

 

Multi-Factor Authenticate / 2FA Tutorial

 

For above mentioned e-mail providers, there are apps who provide you to do so.

To see a list of supported providers, go to the following link, and add a phone number, recovery emailaddress, scan the QR code en enable 2fa.

 

 

Bought a Hardware Key like the Yubico > Yubikey 5 NFC ?

Lookg at the following article: 

Yubico's Yubikey 5 NFC 2-Factor Hardware Authenticatie HowTo

https://cyberawareonline.isee2it.nl/index.php/en/devices/47-yubico-s-yubikey-5-nfc-2-factor-hardware-authenticatie-howto