Take Charge of Security With Two-Factor Authentication

Take Charge of Security With Two-Factor Authentication
2 Factor Authentication

As attacks by hackers become all too common, it is increasingly important to ensure that accounts and passwords are protected. Two-factor authentication (2FA) provides an extra level of protection to accounts and is an important security option that all companies should consider. If you have questions or would like to learn more, AE Technology Group would be happy to help.

What is Two-Factor Authentication?

Two-factor authentication provides a method for ensuring that accounts are safe, even if a password is hacked or stolen. In addition to use of a password, 2FA requires that the account holder provide an additional piece of data or information to confirm the account. While there are many options for the second authentication factor, three common choices are:

  • A piece of information unique to the user, such as a password or PIN;
  • A physical object owned by the user, such as a smartphone or token; or
  • A biometric indicator, most commonly fingerprints verified by a fingerprint reader.

When an account needs to be verified, the system will first require that the user enter their password and then request their second form of authentication. For example, after a password is entered, the system may generate a phone call to the user’s smartphone.

What Are the Benefits of 2FA?

The most obvious benefit to 2FA is security. In the password/smartphone example used above, a hacker would only gain access to the account if they knew the account password and had access to the associated smartphone. 2FA also allows for increased flexibility for workers. Without having to worry about the safety of their devices, they can work remotely and in more locations – allowing them to maximize their time and productivity.

How Do I Implement 2FA?

AE Technology Group is perfectly poised to help your business implement 2FA.

Contact us today to get help improving safety and security for your business and employees.

Why Is 2-Factor Authentication Important?

Why Is 2-Factor Authentication Important?
2-Factor Authentication

Hacking is becoming more common as major websites have had data leaks containing emails, passwords, and other sensitive information. This kind of hacking has made international headlines and brought the issue of cybersecurity and internet safety to the forefront. Any computer that gets infected and that contains your personal information can make the victim of identity theft. The most serious cases of hacking will include hackers getting far more than just your email and password. Oftentimes, such information and data security breaches will include hackers getting access to even more of your sensitive information such as your credit card or bank account numbers or even your address, phone number, and social security number.

Many people use passwords to keep the bad guys out of their information and out of their accounts, however, sadly, in 2018, that’s not always enough of a protective barrier to keep your sensitive information safe. Today’s most sophisticated hackers have learned how to use methods like phishing and pharming to test billions of password combinations till they find yours. Once they do that, all of the sensitive information contained inside is theirs for the taking!

Many internet users are even easier targets as they likely use the same password for multiple accounts on multiple websites because it makes their information easier to remember. If you do that, once a hacker gets access to one site, they have access to all of the sites with the same username and password combination, which can compromise more of your personal information that would otherwise be compromised if you used different combinations for each site.  

To combat this increasing issue of hackers getting into people’s information, many websites are taking to using what is called “2-factor authentication” which is essentially a system that double-checks a person’s identity to make sure they are the person who should be accessing the account before letting them in. This 2-factor authentication can be required every time a person logs in or if they are logging in from a new device, for example.

Many websites that you already use have this 2-factor authentication option. Sites like Facebook and Gmail are great examples of sites that give users this option. Users simply have to use their settings to request 2-factor authentication as an option. One example of 2-factor authentication is entering a code that you are texted or emailed to access your account if you forget a password or want to change a password. This is confirming you are who you claim you are, so you have already engaged in a 2-factor authentication process.

This 2-factor authentication is even more crucial when protecting personal information such as your banking information or personal email where further personal information may be attainable. It’s unfortunate that we live in a world where people try to take other people’s information but it is happening more and more often these days. Protecting your information should be your number one priority and 2-factor authentication is the latest way to do just that.

For more information about 2-factor authentication and how you can protect your personal information please feel free to contact us at the AE Technology Group for further assistance.

Computer Tip of the Day: Passphrase Alternative to Passwords

Passphrase Alternative to Passwords

You hear it constantly. “Use strong passwords.” “Don’t reuse passwords.” “Don’t use common words, be sure to mix characters, etc.” To the average technology user, it’s more than enough to be so overwhelming that the rules can encourage bad security habits.

Traditional passwords, even strong ones, are easier to crack by way of brute force (computer-assisted repeat attempts to try different character combinations) than you might think. Combine this with the need for users to remember complex, unique passwords and often relying upon unsecure practices like writing account information down, and it’s no wonder so many accounts are compromised.

Enter the Passphrase

Rather than using gibberish or some arcane, and easily confused, character swapping setup, you can form a surprisingly secure and easily remembered passphrase by stringing together 3-4-word short sentences.

Example: Orange bananas are weird!

Think about how simple that phrase will be to remember. You can even have some fun with your passphrases, coming up with goofy and entertaining snippets that will give you a little chuckle every time you type them in.

By using spaces (Note: some services will not allow spaces in password fields) to separate the words, you create an incredibly resilient ‘password’ to secure your accounts. Some studies even suggest that it will take millennia (yes, millennia) for a brute force attack to eventually guess the passphrase and crack the account. Remember, a space is considered a special character. When you add in capitalization and normal sentence punctuation, plus passphrases that are 20+ characters long, you’ll meet the complexity requirements of most, if not all, services you need to create passwords for.

Lastly, many of your accounts will likely require you to change passwords every few months, at a minimum. Who hasn’t run into a situation where you struggle to come up with a new, unique password on the fly? Passphrases are easier by far to alter, substituting in new words, while not causing overt confusion when you next go to log in.

There are alternatives to creating passphrases to secure your accounts better than traditional passwords. Password managers come to mind. If you don’t trust, or understand, how to use a password manager, or just prefer the control that comes with making your own passwords, consider changing to the passphrase approach.

Contact us to discuss ways we can help you secure you, your business, and your family today.

Password Protection – Computer Tip of the Day

Password Protection - Computer Tip of the Day

Password Protection

One of the most important things to make sure you do when browsing the web or even just using your computer in general, is to make sure your passwords are as secure as possible in order to keep your data safe from hackers and keep your accounts secure from various kinds of attacks on your accounts and personal information.

What many people don’t seem to realize is that there are a number of different ways to get hacked that can be easily avoided by users, in theory. The most common methods currently used to try and break into your accounts are dictionary attacks, cracking security questions and social engineering. In addition, many people making hacking their accounts easier on hackers by setting extremely simple passwords which can be easily guessed or using the exact same password for multiple accounts.

Dictionary Attacks

Dictionary attacks are when a hacker figures out your password by trying a massive number of different options one after another until they manage to break into your account through repeated attempts. The primary method of avoiding having your account broken into like this is to is to avoid things like spelling words backward, common dictionary words and consecutive combinations of letters like qwerty, asdf and so on.

Breaking Security Questions

Quite a few people use common words or names like their first name, their pet’s name or their place of work as answers to their security questions and all of these things are extremely straightforward to figure out with a bit of research. You can easily make these questions much harder to figure out just by making the answers to your security questions something a lot harder to figure out as well as making them things that a potential hacker couldn’t find just by browsing your Facebook page.

Social Engineering

This is a fancy term for elaborate lies and it is an alternative to standard hacking. Social Engineering is where a hacker attempts to manipulate you into revealing certain pieces of confidential information like their email password or social security number.

Reusing Passwords

Using the same password on multiple occasions is generally not the best idea as it does make hacking you much easier. It also exposes multiple accounts to being hacked simultaneously as breaking the password on one account will allow a hacker access to every single account that uses that password.

For more tips and hints on how to protect your accounts from hackers, contact us today!