Two Factor Authentication – It’s No Longer Optional.

There is an old saying that there are two guarantees in life:  Death and Taxes.  Well, when it comes to personal computing, there are two guarantees as well.  Passwords and password changes.  Yes, if you use a computer, a smartphone, or anything that connects to the internet, you have a username and password as a means of identifying who you are in order to access information.

For many years, the standard has been that your username be unique, as well as your password.  For many years, these criteria have been sufficient in guarding your account information at your bank, your social media accounts, everything.  However, this is no longer the case.

Two Factor Authentication (2FA)

What is “two factor authentication?”  Simply put, it is a way of identifying yourself by use of multiple pieces of information.  Without getting into the gory details, it means that you are using something else, in addition to your username and password, to verify your identity.  Many corporations have used this type of technology for years.  However, for consumer users of computers, this is something we are seeing more and more each day.

To give an example, let’s say you have a Gmail account.  When you log in, you enter your username and password and you press enter.  If you have two factor authentication enabled, once you log in, you would be presented with a screen asking for an additional code to enter.  That code could come in the form of a text message, or through use of an authentication app.  Once you enter that additional code, you gain access to your account.

At this point, I can already hear you groaning at the idea of having to enter something else to secure your account.  Thoughts like, “That’s annoying!”, or, “I have to enter another piece of information to check my email?”, and finally, “This is stupid!  I’m not going to do it!”, I am quite certain are going through your heads.  However, before you make a hasty decision, consider the following scenario.

Vacation Gone Wrong

A husband took his wife and kids on a family vacation to San Francisco.  For this trip, the husband brought his smartphone, and instead of a laptop, he decided to bring his Android tablet.  After a wonderful two weeks in sunny California, they decided to hit up Fisherman’s Wharf for some last minute shopping.  After several hours of walking around, they returned to their vehicle only to find both back windows smashed out.  Several items of luggage were stolen, including the husband’s bag that had his tablet inside.

That tablet had all sorts of apps, such as email, banking and investment apps, all major social media account apps, and the like.  After having to deal with the frustration of having their stuff stolen, this husband spent the better part of the night changing passwords for literally everything in his digital life.  It was at this point that he set up two factor authentication where he was able to do so.

What If It Was You?

Imagine yourself in the above scenario.  Having to frantically change passwords before the other person gets to your digital stuff is not fun at all.  If that person had set up two factor authentication on his accounts prior to the theft, that would have at least put up a roadblock for the thief, while that person went down the list to change passwords.  Two factor authentication is not the “magic wand” of security.  It is simply another means of securing your information.  You can either do that, or run the risk of a hacker getting access to your banking information, or deleting all your photos from your cloud account.

Setting Up 2FA

Setting up 2FA (more jargon to impress friends) is very simple, and you may already be using it.  If you have logged into your bank from another machine that you typically do not use, the website may say they have sent a verification code via text message.  This is a form of 2FA.  Another way you can set this up is to go to your social media sites and look under settings/security.  Usually you will find a way to enter your mobile number and enable two factor authentication.

You may download and use apps like LastPass Authenticator, or Google Authenticator.  These apps allow you to set up 2FA with different sites that allow use of such an app.  You scan a barcode that is provided by a website, and once you have it in there, each login you do will require use of that additional code.  A nice feature of 2FA is that you are instantly notified on login attempts.

Many sites that allow, or even force, you to set up 2FA also give you the ability to check a box to remember you on that machine.  This way you do not have to enter a secondary code each time.  A word of caution on this.  If you do so and your device is ever stolen, the thief can get to your apps and has a greater chance of logging into whatever site(s) you have enabled that feature on.  I would caution against doing this from your tablet or mobile phone.

No Excuses

Two factor authentication is not a passing fad, but is a standard in computer security.  When considering whether or not to set it up, ultimately the decision rests with you.  However, each week it seems we hear about another company having a security breach.  Therefore, 2FA is no longer something that is optional, but is a necessity in securing your digital life.


Hackers Going Old School

I have written quite a bit about attacks on computers through poisoned search results, and of course, just hitting an infected webpage.  When these things happen, your computer may start “talking” to you, announcing that if you try to shut down your computer, your files will be infected, blah blah blah.  Of course, this is nothing more than a scare tactic to get you to click that button for “remote assistance”, where the only assistance you will get is your files stolen or held for ransom, along with the high possibility of identity theft.

However, some hackers are going old school, by using the telephone as a launch point into hacking your computer.  For example, you may get a call on your home or mobile phone, and the caller ID might say “Microsoft”, or “Google Support”.  The person on the other end of the line will say that, “they have received alerts that your email account is sending out a bunch of spam”, or, “we have detected that your computer is infected with viruses, and we need to clean your computer, or we will have to lock down your machine.”

Of course, none of what I described is the case, because like I mentioned in a recent article, these companies have no idea if your computer is sending spam email, or infected with viruses.  These hackers, who are really scammers, use fear tactics, such as using inflected voice tones and a lot of technical jargon to get you all flustered and worried.  It is at that point they will have you turn on your computer, go to a site like Ammy Admin, Aero Admin, or they may use a legitimate remote control software like Teamviewer or LogMeIn, have you enter a code, and then they are on your computer where the games will begin.

So what can you do?  First of all, if the call comes out of left field, with the person on the phone stating something similar to what I mentioned earlier, my best advice is to hang up.  To verify if the call was a scam, call the number back on the caller ID.  Most likely it will refer either to some other number, or national 411 assistance.  Did I forget to mention that when they call on the phone, they also put forth false caller ID information?  Of course, this is assuming that anything other than “PRIVATE” or “BLOCKED” showed up on the caller ID.

This next part is a bit of a sensitive topic, but nonetheless true when it comes to these scammers.  In the overwhelming majority of the scam calls you get, the person on the other end will have a heavy foreign accent.  Most of the calls are not coming from the US, but are in fact coming from overseas from the Middle East, India, and even Southeast Asia.  Again, if you get a call out of the blue, with a foreign-accented person on the line stating they need to connect to your virus laden computer, hang up.

Finally, you must understand that these phone calling hackers do not limit their calls to your mobile or home phone number.  They can and do call business numbers, because they are literally just going down a list of numbers that their criminal boss gave them, and have no idea if they are calling a home, mobile, or business phone number.  Therefore, it is absolutely imperative that you be alert when at the office.  Allowing a hacker who called you to get access to your work computer, will in all likelihood be a career limiting move for you.  In other words, you are likely to be fired.

Hackers use many methods and means to gain access to your information.  While most hacks occur while you use the internet, hackers are not above giving you a good old fashioned phone call to scare you into giving them access to your machine.  However, you have now been equipped with the knowledge to defeat them.  And defeat them we shall!

 

Outlook is not a filing cabinet.

Recently in my line of work, as a Senior Desktop Engineer, I have run into a couple of situations where users are under the impression that their email program is a filing system.  Unfortunately, one of those clients learned the hard way that your email program is not and has never been designed to be a filing system for those Excel, Word, and PDF files that people send to them.

But you say, “Well Hunter, I have created tons of folders to organize all my emails that come in.  So it must have been designed for a filing system.”  I will respond to that as that person being only partially right, but overall wrong.  Allow me to explain and for the purposes of this blog post, substitute “Outlook” with the name of your email program if you do not use it.

NOTE:  Please pay particular attention to the section called WARNING at the bottom.  If you miss it, it’s on you!

Outlook is for sending and receiving email.  That is the first thing we have to understand on how it functions.  Yes, you can store emails that you have received in the past, and organize them into folders, along with all those attachments.  However, that functionality is really only for the short term, and if you are an email hoarder, you probably have started to notice that your email program takes longer and longer to start up.  That is because every message that comes in is saved to a file on your computer and that file has to load each and every time you start up.

If you are wanting to hold onto emails for longer than say, 4-5 years, consider using the Archive function in Outlook.  Archiving is a way to move older items over to a file when you are not actively accessing them on a regular basis.  When I say regular, I mean at least once a week.  Also, you will likely be forced to archive your email as typically mail providers limit how much space you can take up on their servers.  In most office environments, usually it’s about 1-2 gigabytes.  Email providers like Gmail, Yahoo, and Outlook.com may allow more, but at some point you are going to either have to delete emails or start archiving.  You will know you are reaching this limit when you start getting nasty-grams from the mail administrator essentially saying, “Clean your crap up.”

In Outlook 2013, simply go to File/Options/Advanced/Archive Settings and select the option for Archives.  From here you can manually archive emails in a folder, or you can set things up on a schedule.  Let me give you some advice.  If you are an email hoarder, set up a schedule!  Start out with every 90 days.  If you find out that your mailbox is accumulating more email during this time, then shorten the timeline down by 30 days until you reach a comfortable level.  You can always get back in and access those emails if you ever need to and there is a great article on how to do this task.

WARNING SECTION!

This is the part I warned you about earlier!  Now you have reached this point and may be saying to yourself, “Archive, schmarchive, I do not see a benefit of doing any of this.”  Here is the incentive:  When I started out this article, I told you about a client of mine that had a huge inbox of mail to the tune of 30 plus gigabytes and he was archiving, but the wrong way!  Microsoft states that the size of your archive file can reach 50GB and then it’s subject to corruption.  That means, it messes up and you cannot access anything.  My rule of thumb when dealing with declarations like this from Microsoft is to reduce that number by half.  The reason I found out about this is that when they tried to open their email that day, it would not open.  No, not just those files, EVERYTHING!

I spent an entire day running a repair tool that frankly I had no guarantee it would work.  Fortunately it did, but the problem was even with Archiving, he was still actively adding to those files and using his mail client like a filing cabinet.  Archiving is exactly that.  You take old email, tuck it away and pull out what you need when you need it.  Not constantly adding to and keeping a running tab.  If necessary, you may have to break up your archives into smaller separate archive files.  Main lesson from all of this is, the bigger your mailbox is, the more likely you will run into this scenario and could lose EVERYTHING!

One final suggestion: try saving emails to an actual folder on your hard drive.  You can more easily double click a saved email in a file folder on your C: drive and get into it, and you are outside the archive file system and not subject to its restraints.

So email hoarders you have the tools, you have the talent, so start archiving today and bring some order to your inbox!

Hunter Bonner