Cyber Threat Blog

Passwords are no longer safe, two-factor credentials are a must

User Rating: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

Passwords no longer provide the level of protection they once did.  It is likely that your beloved username and password are floating around the Internet due to the number of data breaches in recent years.  Compounding the data breach risk with advances in computing and cloud computing power, passwords are easier to crack than ever.  

Recent articles from a number of news outlets have highlighted this trend:

Experts encourage you to use different passwords for each website and change them every 90 days but for the majority of people this is not practical.  Two-factor authentication provides a solution that is now easier to use and supported by many websites.    

Two-factor authentication involves using a username, password, and an additional credential to access a website or IT system.  The latter component is typically a time sensitive code or a set of questions that would be difficult for anyone except the user to answer. The time sensitive code can be generated a number of ways, including from a small device (commonly called a token or fob), text message, or an app on your phone.  This code typically changes every 30 to 60 seconds and, if someone were to steal it, the code would not work after that period of time.  The set of questions method typically asks the user to answer queries that only the user might know, for example “What was the color of your car in 2006?”  After entering their username, password, and answering a couple questions successfully, the user is given access to the website.

Corporate America has been using two-factor for a number of years and companies are now making it available and easier to use on consumer and social websites like Gmail or Facebook.  Consumer and social websites are a significant part of our lives and we work with our clients to help them setup two-factor on these sites.  This can be done on Google through their Google 2-Step Verification procedure which can be configured through their website.  On Facebook two factor can be enabled by clicking on settings and going to security.

Below is a short list of common websites that offer two factor and directions on how to enable it:

We work with our clients to assist them in implementing a two factor strategy to protect their information on all of their business, consumer, and social websites.  Two factor authentication is easy to use, available on the most popular web platforms, and is a must have to protect your information in today’s cyber environment.

 


 John Riley is the Director of Cyber Intelligence at Private Client Cyber Security and can be reached at This email address is being protected from spambots. You need JavaScript enabled to view it.


 

About Private Client Cyber Security

We provide enterprise grade cyber security services to professional practices and high net worth clients.

Founded by former defense industry executives who recognized that small to medium sized business are underserved by large cyber security companies.

We strive to provide a personal, professional and a next generation technology level of cyber protection to our clients. 

Twitter @PCCyberSecurity

New York NY | Washington DC | Bethesda MD | Chicago IL | Los Angeles CA
© 2015 Private Client Cyber Security. All Rights Reserved.

Search