Two Factor Authentication – It’s No Longer Optional.

There is an old saying that there are two guarantees in life:  Death and Taxes.  Well, when it comes to personal computing, there are two guarantees as well.  Passwords and password changes.  Yes, if you use a computer, a smartphone, or anything that connects to the internet, you have a username and password as a means of identifying who you are in order to access information.

For many years, the standard has been that your username be unique, as well as your password.  This criteria for many years has been sufficient in guarding your account information at your bank, your social media accounts, everything.  However, this is no longer the case.

Two Factor Authentication (2FA)

What is “two factor authentication?”  Simply put, it is a way of identifying yourself by use of multiple pieces of information.  Without getting into the gory details, it means that you are using something else, in addition to your username and password, to verify your identity.  Many corporations have used this type of technology for years.  However, for consumer users of computers, this is something we are seeing more and more each day.

To give an example, lets say you have a Gmail account.  When you login, you enter your username and password and you press enter to login.  If you have two factor authentication enabled, once you login, you would be presented with a screen asking for an additional code to enter.  That code could come in the form of a text message, or through use of an authentication app.  Once you enter that additional code, you gain access to your account.

At this point, I can already hear you groaning at the idea of having to enter something else to secure your account.  Thoughts like, “That’s annoying!”, or, “I have to enter another piece of information to check my email?”, and finally, “This is stupid!  I’m not going to do it!”, I am quite certain are going through your heads.  However, before you make a hasty decision, consider the following scenario.

Vacation Gone Wrongvacation gone wrong

A husband took his wife and kids on a family vacation to San Francisco.  For this trip, the husband brought his smartphone, and instead of a laptop, he decided to bring his Android tablet.  After a wonderful two weeks in sunny California, they decided to hit up Fisherman’s Wharf for some last minute shopping.  After several hours of walking around, they returned to their vehicle only to find both back windows smashed out.  Several items of luggage were stolen, including, the husband’s bag that had his tablet inside.

That tablet had all sorts of apps, such as email, banking and investment apps, all major social media account apps, and the like.  After having to deal with the frustration of having their stuff stolen, this husband spent the better part of the night changing passwords for literally everything in his digital life.  It was at this point that he setup two factor authentication where he was able to do so.

What If It Was You?

Imagine yourself in the above scenario.  Having to frantically change passwords before the other person got to your digital stuff is not fun at all.  If that person had setup two factor authentication on his accounts prior to the theft, that would have at least put up a roadblock for the thief, while that person went down the list to change passwords.  Two factor authentication is not the “magic wand” of security.  It is simply another means of securing your information.  You can either do that, or run the risk of a hacker getting access to your banking information, or deleting all your photos from your cloud account.

Setting Up 2FA

Setting up 2FA (more jargon to impress friends) is very simple, and you may already be using it.  If you have logged into your bank from another machine that you typically do not use, the website may say they have sent a verification code via text message.  This is a form of 2FA.  Another way you can set this up is to go to your social media sites and look under settings/security.  Usually you will find a way to enter your mobile number and enable two factor authentication.

You may download and use apps like LastPass Authenticator, or Google Authenticator.  These apps allow you to setup 2FA with different sites that allow use of such an app.  You scan a barcode that is provided by a website, and once you have it in there, each login you do will require use of that additional code.  A nice feature of 2FA is that you are instantly notified on login attempts.

Many sites that allow, or even force you to setup 2FA also allow you the ability to check a box to remember you on that machine.  This way you do not have to enter a secondary code each time.  A word of caution on this.  By doing so, if your device is ever stolen, and they can get to your apps and have a greater chance of logging into whatever site(s) you have enabled that feature.  I would caution against doing this from your tablet or mobile phone.

No Excuses

Two factor authentication is not a passing fad, but is a standard in computer security.  When considering whether or not to set it up, ultimately the decision rests with you.  However, each week it seems we hear about another company having a security breach.  Therefore, 2FA is no longer something that is optional, but is a necessity in securing your digital life.

Advertisements

Hackers Going Old School

I have written quite a bit about attacks on computers through poisoned search results, and of course, just hitting an infected webpage.  When these things happen, your computer may starting “talking” to you announcing that if you try to shutdown your computer, your files will be infected, blah blah blah.  Of course, this is nothing more than a scare tactic to get you to click that button for “remote assistance”, which of course the only assistance you will get are your files stolen, held for ransom, and of course the high possibility of identity theft.

However, some hackers are going old school, by using the telephone as a launch point into hacking your computer.  For example, you may get a call on your home or mobile phone, and the caller ID might say “Microsoft”, or “Google Support”.  The person on the other end of the line will say that, “they have received alerts that your email account is sending out a bunch of spam”, or, “we have detected that your computer is infected with viruses, and we need to clean your computer, or we will have to lock down your machine.”

Of course, none of what I described is the case, because like I mentioned in a recent article, these companies have no idea if your computer is sending spam email, or infected with viruses.  These hackers, who are really scammers, use fear tactics, such as using inflected voice tones and a lot of technical jargon to get you all flustered and worried.  It is at that point they will have you turn on your computer, goto a site like Ammy Admin, Aero Admin, or they may use a legitimate remote control software like Teamviewer or LogMeIn, have you enter a code, and then they are on your computer where the games will begin.

So what can you do?  First of all, if the call comes out of left field, with the person on the phone stating something similar to what I mentioned earlier, my best advice is to hang up.  To verify if the call was a scam, call the number back on the caller ID.  Most likely it will refer either to some other number, or national 411 assistance.  Did I forget to mention that when they call on the phone, they also put forth false caller ID information?  Of course, this is assuming that anything other than “PRIVATE” or “BLOCKED” showed up on the caller ID.

This next part is a bit of a sensitive topic, but nonetheless true when it comes to these scammers.  The overwhelming majority of the scam calls you get, the person on the other end will have a heavy foreign accent.  Most of the calls are not coming from the US, but are in fact coming from overseas from the Middle East, India, and even Southeast Asia.  Again, if you get a call out of the blue, with foreign accented person on the line stating they need to connect to your virus laden computer, hang up.

Finally, you must understand that these phone calling hackers do not limit their calls to your mobile or home phone number.  They can and do call business numbers, because they are literally just going down a list of numbers that their criminal boss gave them, and have no idea if they are calling a home, mobile, or business phone number.  Therefore, it is absolutely imperative that you be alert when at the office.  Allowing a hacker who called you to get access to your work computer, will in all likelihood be a career limiting move for you.  In other words, you are likely to be fired.

Hackers use many methods and means to gain access to your information.  While most hacks occur while you use the internet, hackers are not above giving you a good old fashioned phone call to scare you into giving them access to your machine.  However, you have now been equipped with the knowledge to defeat them.  And defeat them we shall!

 

Google Chromecast – The Full Review!

If you have not read my initial report on Google Chromecast, check it out here.  Now that you have read it, read on to this, my full review on Google Chromecast.

For several years now people like myself have been looking for a way to “cut the cable” but finding a viable way to do it has been somewhat difficult.  Without a doubt, streaming movies and TV into the home is the evolving trend, but you need the right technology to do this.  Look no further because for $30.00 right now on Amazon.com, the solution you seek is a mere order confirmation away!

Chromecast is without a doubt one of the best products that I have used in a long time.  After the initial setup, I tried watching some movies through the device.  Outside of a fuzzy picture on initial casting to the screen, which clears up in a matter of seconds once buffering has normalized, the picture and sound quality were awesome!  Not one single time did I see the audio getting ahead of the picture.  As for the buffering fuzziness, that doesn’t even happen that often.

The interface, which is your smartphone or tablet, is incredibly easy to use.  Just clicking on the Chromecast icon, which is the television icon you see below, the device transfers via your wireless network in the home to the Chromecast device.  This is referred to by the castingmanufacturer as “Casting” and for the purposes of this and future articles, that is what I will refer to it as well.  My only concern is that the transfer from the smart device to the Chromecast device does take some time.  However, this might vary depending on your internet speed plan that you subscribe to.  On a 15Mbps line that I have, it was decent enough.

If you are interested in picking up Chromecast, you need to understand that this is a very new technology, and there are not that many apps out there that support it yet.  However, Netflix and Youtube are some of the big ones with many more on the way.  If you want to cast something that you do not have an app for, you can download the Casting extension into Google’s Chrome Browser and do it that way.  I tried it with iHeartRadio and it was fantastic!

Overall, I am impressed with Chromecast.  The fact that I do not have to hook up some box, but simply plug in a device to my HDMI port on my flat screen TV is very nice.  Prior to Chromecast, we simply used our Nintendo Wii as a means of connecting.  Casting for us is so much faster and much more user friendly.  When considering the other alternatives out there like Roku, $30.00 is not a major investment that will give you plenty of enjoyment.  Until someone else comes along with something better and has a faster synch rate, Chromecast is the device to beat.

Chromecast – the first 24 hours

Google-ChromecastIt has been 24 hours since the arrival of my Google Chromecast.  Well, not really mine, but for my mother in law.  However, as the family IT guy, if I do not know how to use it, then no one will.  She needed a solution to watch Youtube and Netflix on her flatscreen in her room.  Rather than have a bulky AppleTV sitting on the dresser, I went with the compact Google Chromecast.

My initial impressions are easy to setup.  It took all of maybe 5 minutes to insert into the HDMI and USB ports on the TV, download updates, get the app and go through the discovery process.  It was incredibly simple and I can see already, that if Google maintains this simple setup process they will have people flocking to their system.  Perhaps even some abandoning other similar devices from competitors.

I watched some TV last night from Netflix, and specifically Star Trek Voyager starting with the pilot.  Works absolutely great!  I am going to save my full review until after I have put it through a few more paces.  One thing is for sure.  Bandwidth upgrade is a must I can already tell.

Google’s “Chromecast”

As I write this blog post, coming from the hallowed halls of Amazon.com is my Google Chromecast device.  My goal is to give it a thorough trial and see how well it claims to work.

For those not knowing what this is, it is basically a small device that plugs into the HDMI port on your TV.  By using wireless technology and your smartphone or tablet, you can watch things like Youtube, Netflix, and the like.  It’s for those who are looking to cut the cord with the cable company and go on the cheap.

Looking forward to it!  Check back soon for this, and other product reviews.