2FA: 6 Places to Start
These days, most people have at least some familiarity with two-factor authentication (2FA). For example, your ATM card uses 2FA. Here are 6 other places you should look into using two-factor identification to protect yourself.
2FA just means you need two things to get access. Like with your ATM card —the card itself and your PIN. Increasingly, other online accounts text you a one-time code to enter before completing a transaction.
Experts say now’s the time to truly embrace this technology. A Microsoft report concluded that 2FA works far better than the username/password approach, blocking 99.9% of automated attacks. Both Microsoft and Google wholeheartedly urge adoption of 2FA where possible.
But for what accounts should you proactively enable 2FA?
You probably have login credentials at dozens of online services that support 2FA, so the best strategy is to make a prioritized list and work your way through it:
1. Password/identity managers. Using a password manager is perhaps the best way to ensure that you have a strong, unique password for every service, but that also creates a single point of attack. Adding 2FA shores up this potential weakness.
2. Microsoft and Google accounts. If you use services from either company, adding 2FA support is essential.
3. Email accounts. If bad actors take over your email account, they can wreak havoc—email messages are a standard means of sending password reset links.
4. Social media accounts. As with email, the biggest risk associated with a hacked Twitter or Facebook account is that it will be used against your friends and associates. Even if you rarely post, you should protect these accounts.
5. Banks and financial institutions. Most banks and credit card companies have made significant investments in back-end fraud detection programs, so their 2FA options may seem limited. Nonetheless, it’s worth exploring these settings and tightening them as much as possible.
6. Shopping and online commerce. Any site at which you’ve saved a credit card number should be secured.
© National Security Institute, Inc. www.nsi.org
Recent SecuritySense Posts
- 5 Things Crooks Love to See In Your Social Media Profile
- FAQ: Security and the Cloud
- The Ransomware Perfect Storm
- Children More at Risk Online During Pandemic
- Going Back to the Office? You’re a Perfect Target for Phishers
- 5 New Social Engineering Tactics Criminals Are Using Right Now
- Frequency Strategy in Security Awareness Campaigns
- Security Awareness Email Is Not Spam
- April Scam Watch
- Top 4 Emotions Used in Social Engineering
Protect Yourself & Your Company From Cybercrime
Why shouldn’t your life be a little easier?
We want to make it super easy for you to market cybersecurity awareness to everyone at your company. We’re here to help you be more persuasive and support your work to make the entire company cyber-savvy.
Maybe you’re not a “marketer,” but you can be. You can get their attention with content that’s relatable, relevant, concise and enjoyable to read. We get feedback all the time from your peers who tell us their employees look forward to receiving SecuritySense.
SecuritySense is a subscription-based content service that delivers you a consistent supply of fresh cybersecurity awareness content so you can easily maintain an ongoing cybersecurity brand awareness campaign
Our Unique Content Strategy
People pay attention to content they find personally relevant. SecuritySense doesn’t feel like you’re being given extra work to do. It’s a blend of personal and work-relevant cybersecurity tips, warnings, human interest stories, instructions, news and insights that everyone looks forward to receiving. More about our content strategy
The Secret to Creating Awareness
Brand marketers know if you want to create awareness you have to do two things. Steadily promote your message and make sure the message offers content that personally resonates with your audience. SecuritySense makes it easy for you to do both.
Compare Our Per Employee Cost
Compare our per employee annual cost with the $8.00 – $20.00 seat licenses you might pay for training platforms. It’s a no-brainer to add SecuritySense to your overall program.