two-factor_authentication
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
two-factor_authentication [2019/08/21 06:37] β neil | two-factor_authentication [2019/08/21 06:45] β neil | ||
---|---|---|---|
Line 3: | Line 3: | ||
====Key points ==== | ====Key points ==== | ||
* [[two-factor_authentication#" | * [[two-factor_authentication#" | ||
+ | * [[two-factor_authentication# | ||
+ | * [[two-factor_authentication# | ||
====" | ====" | ||
Line 19: | Line 21: | ||
Because of the security benefits of having two-factor authentication in place, you should enable it wherever you can. This normally means "on every site and service which supports it". | Because of the security benefits of having two-factor authentication in place, you should enable it wherever you can. This normally means "on every site and service which supports it". | ||
+ | |||
+ | Check first that you can use whatever two-factor approach you are using on whatever devices you tend to use. If you primarily use your phone, and the service requires a hardware device which is incompatible with your phone, you'll be causing yourself a lot of inconvenience, | ||
====Have a back-up mechanism in case you lose your device(s)==== | ====Have a back-up mechanism in case you lose your device(s)==== | ||
Line 44: | Line 48: | ||
These one-time codes are usually generated by a piece of software on your computer or phone, or else through a dedicated hardware device. | These one-time codes are usually generated by a piece of software on your computer or phone, or else through a dedicated hardware device. | ||
- | Backup codes.Β | + | ===Time-based One-Time Passwords (TOTP)=== |
- | Β | + | |
- | Two hardware devices, so you can store a backup safely in safe.Β | + | |
- | Β | + | |
+ | ===Avoid text message for delivery of codes === | ||
- | Option | + | Some services offer the real-time delivery |
- | Downside of 2FA is that, if you lose your device, you may well be locked out of your accounts. | + | First, text messages are not secure, and a sufficiently motivated attacker is likely to be able to access |
- | If the second code is delivered over SMS, you can probably get a new SIM, get your provider | + | Second, if someone manages to hijack your phone number (sometimes known as "SIM swapping" |
- | If you use an app β which means you are not reliant on getting an SMS β you may struggle more. I donβt have a great solution for this at the moment. | ||
====Hardware security tokens ==== | ====Hardware security tokens ==== | ||
{{:: | {{:: | ||
Yubikeys | Yubikeys |
two-factor_authentication.txt Β· Last modified: 2022/09/08 09:09 by neil