![]() In a second or two, the authenticator app begins generating codes for LastPass. ![]() On your phone, you’ll open Google Authenticator or Authy and hold it up so the camera can see the barcode. In the next window, you’ll see a barcode. ![]() In Settings / Account Settings / Multifactor Options, choose two-factor authentication with Google Authenticator. Log into your LastPass Vault, for example. Down below, I’ll tell you other reasons I recommend Authy, but an important one is that it is fully compatible with Google Authenticator.Īfter you install the authenticator app on your phone, setting it up for one of your accounts is usually easy. Google Authenticator is the most widely supported almost every site that supports 2FA works with Google Authenticator. Not all services support all authenticator apps. There are authenticator apps from Google, LastPass, Microsoft, and others. Authenticator apps are not vulnerable to this problem, and thus are a more secure way to do two-factor verification.Īn authenticator app generates codes every 30 seconds. “Unfortunately, it isn’t that hard for thieves to impersonate you to your mobile phone carrier and hijack your mobile phone number-either with a phone call to customer support or walking into a phone store,” says Lorrie Cranor, a computer scientist at Carnegie Mellon University and former FTC technologist who had her own SIM stolen in 2016. Seriously, if there is any way to turn on 2FA for a sensitive account, you should use it, even if an SMS code is the only option.Īuthenticator apps are easier to use and more secure than text messages, because bad guys can hijack SMS codes. The code is sent by text message to the phone number that you have on file.įor security, this is far, far better than nothing. Your account is set up so it cannot be opened until a six-digit code is typed in. Text messages are the most common way to handle two-factor authentication. Use an authenticator app instead of text messages The effect is that the inconvenience is minimized day to day, but you still get increased protection, because the extra step will still be required if anyone tries to sign in to your account from another device. When you use that service, you won’t be asked for the code because you trust your own phone or your laptop. Some services (including LastPass and Google) allow you to check a box for the service to trust the device that you’re using at that moment – perhaps permanently, perhaps for two weeks or a month. They’ll be asked for the other thing – the text message code or the number from the app on your phone – and they won’t have any way to supply it. If an account is secured by 2FA, then the bad guys can’t get into the account even if they get the password. When you set up two-factor authentication, your account is still secure even if the password is hacked. When two-factor authentication is turned on for one of your accounts – Google, LastPass, your bank – you have to enter your password, PLUS you have to supply a code sent by SMS or a number generated by an app. It’s similar to Google Authenticator (and fully compatible with all sites that can be set up with Google Authenticator), but it has some significant advantages: Authy can be secured on the phone it can be securely backed up and transferred seamlessly to a new phone and it can be used on a computer. Using an app on your phone is more secure and more convenient than waiting for a code to arrive as a text message.Īuthy is the best way to set up 2FA. From a security perspective, it’s like night and day. The combination of 2FA and a password is far more secure than having just a password, even if the password is complex. The extra thing might be a code sent as a text message to your phone or a number generated by an app on your phone. Two-factor authentication (2FA) adds an extra step to the process of logging into an account – LastPass or your Google account, for example. But stick with me for a few paragraphs, at least until I get to the geeky details at the end. It’s roughly like having an insurance salesperson look you in the eye and ask you if you’ve thought about what will happen to your family after you’re gone. I know you don’t want to think about this stuff. I want to talk to you about two-factor authentication and why you should use Authy to generate codes on your phone.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |