two-factor_authentication
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
two-factor_authentication [2019/08/04 15:57] – created neil | two-factor_authentication [2019/08/21 06:37] – neil | ||
---|---|---|---|
Line 1: | Line 1: | ||
=====Two-factor authentication===== | =====Two-factor authentication===== | ||
- | ====What is " | + | Â |
+ | ====Key points ====Â | ||
+ | * [[two-factor_authentication#" | ||
+ | Â | ||
+ | ====" | ||
+ | Â | ||
+ | When you log in to a site or service using a username and password combination, | ||
+ | Â | ||
+ | To increase your security, you need to add additional " | ||
+ | Â | ||
+ | You choices are " | ||
+ | Â | ||
+ | " | ||
+ | Â | ||
+ | This page focusses on " | ||
+ | Â | ||
+ | ====Enable | ||
+ | Â | ||
+ | Because of the security benefits of having two-factor authentication in place, you should enable it wherever you can. This normally means "on every site and service which supports it". | ||
+ | Â | ||
+ | ====Have a back-up mechanism in case you lose your device(s)====Â | ||
+ | Â | ||
+ | A risk of enabling two-factor authentication is that, if you lose control of the second factor, you will be unable to access the service in question. | ||
+ | Â | ||
+ | ===Backup one-time codes ===Â | ||
+ | Â | ||
+ | If you are using one-time codes, you are usually prompted to download and save some backup codes, which you can use if you lose your one-time code generator. | ||
+ | Â | ||
+ | If you use a password manager, and if you back this up, you might store your backup codes in that. | ||
+ | Â | ||
+ | Alternatively, | ||
+ | Â | ||
+ | ===Backup hardware devices ===Â | ||
+ | Â | ||
+ | If you are using a hardware device, good practice is to buy two identical devices, and configure them to mirror each other. Â | ||
+ | Â | ||
+ | Keep one with you, to use for logging in, and keep the second in a safe. | ||
+ | Â | ||
+ | ====Something you have: one-time codes ====Â | ||
+ | Â | ||
+ | Some sites will let you configure your account to require you to put in a one-time code, in addition to your username and password. | ||
+ | Â | ||
+ | These one-time codes are usually generated by a piece of software on your computer or phone, or else through a dedicated hardware device. | ||
+ | Â | ||
+ | Backup codes. | ||
+ | Â | ||
+ | Two hardware devices, so you can store a backup safely in safe. | ||
+ | Â | ||
+ | Â | ||
+ | Â | ||
Option of 2FA — so if you do make a mistake and give away your username and password, still hard for someone to make use of them, as they require an extra piece of data which (hopefully) on your can generate. | Option of 2FA — so if you do make a mistake and give away your username and password, still hard for someone to make use of them, as they require an extra piece of data which (hopefully) on your can generate. | ||
Line 10: | Line 60: | ||
====Hardware security tokens ==== | ====Hardware security tokens ==== | ||
+ | {{:: | ||
Yubikeys | Yubikeys |
two-factor_authentication.txt · Last modified: 2022/09/08 09:09 by neil