{"id":553,"date":"2018-02-13T17:19:17","date_gmt":"2018-02-13T16:19:17","guid":{"rendered":"http:\/\/btrnaidu.com\/?p=553"},"modified":"2018-02-13T17:19:17","modified_gmt":"2018-02-13T16:19:17","slug":"two-step-authentication","status":"publish","type":"post","link":"https:\/\/btrnaidu.com\/index.php\/two-step-authentication\/","title":{"rendered":"Two step authentication"},"content":{"rendered":"<p>As safe as a bank locker.\u00a0 One key with the bank and another with you.<\/p>\n<p><!--more--><\/p>\n<p>Yes.\u00a0 Two-Step-Authentication gives you exactly this feature, with the difference that both keys are with you.\u00a0 So even if someone gets access to your first password, he still cannot log in or hack into your system.\u00a0 It has become a de facto standard for any web-based service that cares even a little about <strong>data security<\/strong>.\u00a0 It goes without saying that if a service does not support this, they are not serious about data security and you should seriously reconsider continuing to use them.<\/p>\n<p>So what is this Two-Step-Authentication anyway?<\/p>\n<p style=\"padding-left: 30px;\">When you sign up for a service, for example Gmail, Facebook or Dropbox, you are required to set an account password.\u00a0 This is the first level of security.\u00a0 If you have not chosen a complex password, then it is very likely that with a few guesses or a brute-force algorithm, someone can successfully guess your password and gain access to your account.\u00a0 This is one of the ways to hack your password.\u00a0 There exist many other ways to hack someone&#8217;s account.\u00a0 Another very popular one is <strong>free-wifi<\/strong>.\u00a0 You might feel very lucky that you got access to free wifi at a public cafe.\u00a0 But you never know whether the supplier of the free-wifi access point is tracking and storing all the incoming \/ outgoing traffic.<\/p>\n<p style=\"padding-left: 30px;\">With Two-Step-Authentication, we set a second password which in most cases keeps 
changing every 30 seconds.\u00a0 This way your account gets two levels of security: first a static password, which you set at the time of signup, and second a password which keeps changing every 30 seconds.\u00a0 So even if someone successfully guesses your first password, he will be blocked when the second-level password is asked for and will not get access to your account.<\/p>\n<p>How to set up Two-Step-Authentication?<\/p>\n<p style=\"padding-left: 30px;\">Let&#8217;s see how to set up two-step-authentication for your Gmail account.\u00a0 Other accounts like Facebook, Twitter and Dropbox should have a similar setup.<\/p>\n<p style=\"padding-left: 30px;\">To set it up, once you are logged into your Gmail account, go to the security section under\u00a0<a href=\"https:\/\/myaccount.google.com\/security\">myaccount.google.com<\/a>.\u00a0 Scroll down to &#8220;<em>Password &amp; sign-in method<\/em>&#8221; and choose the &#8220;<em>2-Step Verification<\/em>&#8221; option.\u00a0 You might be asked to re-enter your password, which is ok.\u00a0 Gmail supports the following types of two-step-authentication:<\/p>\n<ul>\n<li><em>Backup codes<\/em><br \/>\nYou will be presented with a set of <strong>10 pre-generated codes<\/strong> which can be used for 2-Step Verification.\u00a0 You can copy or save them, or note them down in your notebook.\u00a0 Each code works only once.\u00a0 So once you have used one of them, do remember to strike it off.\u00a0 Also remember to generate a new set of codes before the 10th code has been used.\u00a0 This is a very manual way, and it can still be the best way, as only you know where you have saved those backup codes.<\/li>\n<li><em>Voice or text message<\/em><br \/>\nIn this option, you set up a mobile number.\u00a0 When needed, Google will send you an SMS, or if you are not able to receive SMS for some reason, you can also request a call back.\u00a0 The SMS will contain the 2-Step Authentication code, or in the call back, the code will be played.\u00a0 Enter the code and you are 
done.\u00a0 This is also a secure way, with the danger that if you have lost your phone or number, then the only way to fall back for your 2-Step Authentication is using the <em>Backup codes<\/em> which you generated in the first step.<br \/>\nThis option is handy as you don&#8217;t have to remember the backup codes or manually manage them.\u00a0 The catch is that so far SMS reception is free.\u00a0 You never know when Google or your operator will start charging for this service.\u00a0 Also, when you are roaming internationally, SMS messages arrive late and a callback will be very costly.<\/li>\n<li><em>Authenticator app<\/em><br \/>\nIf you have a smartphone (Android or iPhone), then you can install the <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.google.android.apps.authenticator2&amp;hl=en\">Google Authenticator<\/a> or <a href=\"https:\/\/authy.com\/\">Authy<\/a> app.\u00a0 Once you have installed the app and chosen this option, you will be presented with a bar code.\u00a0 Launch the app and scan the code.\u00a0 Once the scan is successful, you will be presented with the 2-Step Authentication code, which changes every 30 seconds.<br \/>\nHighly recommended.\u00a0 Always works.\u00a0 No need to worry about receiving an SMS or call while roaming, or about managing the backup codes manually.\u00a0 What happens if you have lost your phone?\u00a0 You fall back to <em>Backup codes<\/em> :).\u00a0 A point worth mentioning is that Authy also has desktop apps.\u00a0 So if I have forgotten my phone, I start Authy on my desktop and generate the codes.<\/li>\n<li><em>Google prompt<\/em><br \/>\nIf you have a smartphone and have configured a Gmail account, then you can use this option.\u00a0 Follow the setup instructions and, once set up, every time you try to log in, Google will prompt you on your configured phone to allow or disallow the login attempt.<br \/>\nVery easy and highly secure.\u00a0 If you have lost your phone, you already know by now :).\u00a0 Fall back to <em>Backup 
codes<\/em>.<\/li>\n<li><em>Security Key<\/em><br \/>\nSo far what we have seen is software-based 2-Step Authentication.\u00a0 This option gives you hardware-based authentication.\u00a0 You can buy a USB smart card with cryptographic functionality in it.\u00a0 I use\u00a0<a href=\"https:\/\/www.amazon.de\/gp\/product\/B01LZO0WE9\/\">Hyperfido Mini (U2F Security Key)<\/a>.\u00a0 Currently this device works only with the Google Chrome browser.\u00a0 So if you are using some other browser, you need to find a compatible device.\u00a0 It is like a USB dongle, not to store data but to randomly generate 2-Step Authentication tokens.\u00a0 Follow the on-screen options to set up this device, and from next time onwards, all you have to do is push a button when you try to log in.<br \/>\nIt is not waterproof and you may easily forget it unless you tie it to your home key-chain :).<\/li>\n<\/ul>\n<p>That was all you had to do to set up 2-Step Authentication.\u00a0 Obviously you don&#8217;t need to set up all of them.\u00a0 One of them is good enough, but I use all possible combinations so that Google can offer me multiple ways to authenticate my 2-Step login attempt.\u00a0 If I have forgotten my Security Key, it falls back to Google prompt.\u00a0 If I have forgotten the phone on which I have set up Google prompt, then to the\u00a0Authenticator App.\u00a0 And so on.\u00a0 So the more options your account has to perform 2-step authentication, the more secure your account is.<\/p>\n<p>That was a long write-up.\u00a0 I hope it will help some of you.\u00a0 If you have enjoyed reading it, then feel free to share it with your friends via Facebook or Twitter.\u00a0 I also welcome any feedback or suggestions to improve the article for easy understanding.<\/p>\n<p>[tweetthis]2-Step Authentication &#8211; an optimum way to secure your online data. 
[\/tweetthis]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As safe as a bank locker.\u00a0 One key with the bank and another with you.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[109],"tags":[],"class_list":["post-553","post","type-post","status-publish","format-standard","hentry","category-google"],"_links":{"self":[{"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/posts\/553","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/comments?post=553"}],"version-history":[{"count":4,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/posts\/553\/revisions"}],"predecessor-version":[{"id":557,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/posts\/553\/revisions\/557"}],"wp:attachment":[{"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/media?parent=553"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/categories?post=553"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/btrnaidu.com\/index.php\/wp-json\/wp\/v2\/tags?post=553"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}