That is a statement you never want to hear, especially if you were the one who uttered it. It’s a gut-wrenching feeling to discover that one of your accounts have been compromised. You’ve been violated, and it truly sucks. If you’ve never been there, I can assure you, it’s a horrible feeling. Now consider this, not just one account was hacked, but multiple accounts encompassing your entire social media presence. It’s taken you years to build up, and in one fell swoop, has fallen into the control of someone else. Ugh! Nooooooo!!
With the hopes of never having to utter those soul crushing words, let’s take a step back to see what you can you do right now to protect your future self. There are two topics I’d like to discuss. They work in tandem, and they are the two single most important ways you can protect your online identity. Part 1 will be looking at what MFA is (Multi-Factor Authentication), how to set it up, and how to manage it. Part 2 will be dedicated to Password Managers and how remembering only one password, will keep the rest safe and secure.
Part 1 – Multi-Factor Authentication (MFA)
Also referred to as Two-Factor Authentication (2FA), and even One-Time Passwords (OTP), MFA adds extra security to ensure your accounts are protected. In short, MFA adds an extra Layer, or Factor, of authentication to log into your account, making it harder to compromise. In addition to your regular username and password, there is an additional randomly generated code, valid for only 30 seconds before being regenerated and replaced by a new code, that is required to log in. I can hear some of you saying that this all sounds super complicated. To be fair, behind the scenes, it truly is, but thankfully we don’t have to worry about that. From our perspective though, setting up and using MFA is pretty simple. Type in your username, your password, and your MFA code. Boom! You’re logged in and your account is secure.
What do you need?
In order to get the ball rolling, we need an additional device. “Wait, how does an additional device make things simple?” That’s a fair question, and the answer is pretty simple. We’re going to leverage something that you already carry around with you. That little device in your pocket or purse, which has exponentially more computing power than was available to fly humans to the moon, is the key to helping keep the Internet interlopers from accessing your accounts. Your cell phone!
What’s next?
Well, to make the MFA magic happen, we also need an app. The app is what continually generates those secret codes I mentioned earlier. While there are many different MFA apps available for both iOS and Android, I will only be focusing on the basic functionality in this article. Once the app has been downloaded to your cell phone, we need to configure it for each online account you want to protect.
Once you enable MFA on your account, there will be a couple one-time steps to go through in order to get things setup, and this is where your app comes in. With MFA enabled, a QR code will be presented on your computer screen (similar to the one below).
Scanning the QR code with your app will create a new entry associated with the site you’re setting up, and a six digit code will be presented. In order to confirm the code generation was successful, you will need to enter the generated code to complete the MFA setup. Once the code has been confirmed and MFA enabled, you will need to enter the code in addition to your regular credentials anytime you log into the account going forward. There are some apps, such as the Microsoft Authenticator, which will prompt you on your mobile device to approve or deny a login instead of having to enter in a six digit code. This extra functionality makes the entire MFA authentication process even easier.
With MFA enabled, you can rest easy knowing that your accounts have a higher level of protection, and are much harder to compromise, even if someone managed to obtain your username and password. With so much of our lives being digital, it’s imperative to utilize extra security measures.
In part two, we’ll talk about what a Password Manager is, how it works, and how it can tie in directly with accounts protected with MFA to make the process even simpler.
