Security Tip: Use Two-Step Authentication (Guest Post)


bike lock

Security Tip: Use Two-Step Authentication

Even if you’re careful with your passwords, they can still be captured or reset by attackers (it happened to technology writers at Wired and ZDNet). Two-step authentication stops a compromise of your security by identifying you through a combination of two different components: your password and also something you know or possess. An attacker needs to take a second step after your password to get in to your account (such as, answering your personal identification question or entering a code from your phone, which they wouldn’t know and don’t have, obviously).

This may seem like extra work to enter both your password and an extra code from your phone, but most services remember your device / browser so you’ll only need to enter the code from your phone once on a new device. A potential hacker cannot enter your account from their own device since your code is only allowed to send from your phone.

Because your @cru.org Google account is tied to your ministry email and documents, it’s definitely worth setting up two-step authentication for it – click here to set up Google Account two-step authentication.

Should you set up two-step authentication for other online services you use? That depends on how important your information and identity on that service is. If, for instance, you tried out a service, say, Dropbox, just once to see what it was, then don’t bother. But if you have lots of important personal and ministry documents stored in Dropbox, you should enable two-step authentication for Dropbox.

Here’s a list of services that offer two-step authentication. Clicking on the links for them will take you to the page for how to set up two-step authentication for that service:

What happens if you lose your phone? Most of the services provide some sort of “backup code” to enter in case you lose your phone. If you use a password manager, store the backup code there. You could also print out the backup code and store it in a safe place.

David R famGuest Post by: Dave and Andrew

Dave Raffensperger is on Cru staff in Boston. He and his wife, Erin, are new parents to a sweet little girl.

Follow Dave at @draffenspergeror check out his blog atdavidraff.com.

Andrew Chi is a Ph.D. candidate in Computer Science at UNC-Chapel Hill.

NOTES:

6 thoughts on “Security Tip: Use Two-Step Authentication (Guest Post)

  1. Dave, I had first-hand experience of having my Cru gmail account hacked last week…from somewhere in India. So, I encourage everyone to consider the two-step authentication. Once I set it up, things haven’t really changed regarding my typical log-in to gmail. In other words, it’s been worth the effort!

    Like

  2. Brenda, sorry to hear about your hack, but glad you set up the two-step authentication and yeah, it’s definitely worth the effort!

    Like

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s