I’ve noticed a pattern lately that whenever I don’t check my Facebook account for more than a day, I get notifications that someone is trying to access my account via password reset. Fortunately, I use two-factor authentication on all of my accounts. (In the case of Facebook I’m forced to use two-factor because of the size of my following). While it can be annoying to have to use your phone or a second computer to verify your identity when signing into an account, it’s a heck of a lot less annoying that dealing with all of the frustration and headaches that come when one of your online accounts is compromised. 

What is two-factor authentication?

Two-factor authentication, sometimes called two-factor verification, is a system in which you have to enter a password and then receive an SMS (text) message or email through which you verify that you actually tried to sign into your account. I use this on every service that offers it including my Google account and all bank accounts. This is great because if someone does try to sign into one of my accounts from a computer or phone other than mine, I immediately get a text message. My friends Lee and Sachi LeFever at Common Craft have a great video that explains two-factor authentication. You can see that video here.

Your Password Isn’t Strong Enough!

If you’re thinking, “I don’t need two-factor authentication, I use a strong password,” you’re wrong. In How Easy It Is To Crack Your Password Kevin Mitnick explains why your “clever” use of “@” in place of “a” in your password isn’t fooling anyone. He demonstrates how quickly hackers can crack passwords and explains why you should use passphrases along with two-factor authentication. 

Beware of Social Engineering

Last year I showed this video, another one featuring Kevin Mitnick, to my networking students and they laughed the gullibility of the people who fell for his social engineering attack. Watch it and don’t be the security manager from Motorola. 
Kevin Mitnick was one of the most wanted hackers in the world in the 1980’s and 1990’s. His autobiography, Ghost in the Wires, is a fascinating read for anyone who is interested in the world of hacking. He’s now a security consultant for a firm called KnowBe4 and he published The Art of Invisibility which is about how to minimize and protect your digital footprints.
Common Craft videos can be reviewed online for evaluation purposes. To use embed them into a blog as I’ve done requires a membership (which are very reasonably priced).

Disclosure: I have an in-kind relationship with Common Craft.