Why you (and your family) should be using 2FA and a password manager
Keep you and your loved ones safe and secure.
So much of what we do every day, day in and day out, is either done online or has a record kept online. Things like your email or a shopping website are obvious, but your bank, mortgage holder, health insurance provider and more are also online companies even if that’s not how we interact with them. There is a pretty complete fingerprint of your life stored where plenty of other people can (and often do) look for it.
So what should we do about it? That’s easy — use a good password for everything, make sure you don’t use the same password in more than one place, and secure things with a second step anytime you can.
You can’t remember all those passwords
Don’t feel bad because nobody else can, either. A good password simply means one that someone else who is really good at figuring this stuff out isn’t likely to be able to use. That means they aren’t something you are going to be remembering, especially when there are more than a few of them. That’s where a password manager comes in.
Best password manager for Android
A password manager is like a safe that holds all your passwords and gives the right one to the right place when it’s needed once it’s sure you really asked for it. Enter all your account information into it and then all you need to remember is one good secure password that’s used as your OK to let it share its data with another app or website. Now there is only one thing to remember and it gives you more secure access to everything else!
Remembering one good password is something we can all do.
There are a lot of good ways to manage passwords. A recipe box filled with index cards that sits on your desk is one way, but a good app from a trusted company does a better job and offers more features. Most have a way to keep a backup copy of your password database in case you lose your phone or it gets stolen, as well as extras like a place to store credit card info or secure notes. The best secondary feature you’ll find is a password generator that can create a good password, then put it in the database and be ready to serve it to the right place so you never have to worry about keeping track of it.
Password managers work great on your Chromebook, too!
- 1Password X brings me closer to using a Chromebook full-time
- Password manager Enpass now working seamlessly on Chromebooks
The first thing a person who gets your password is going to do is to try to use it everywhere. That’s why it’s important to never reuse passwords at more than one place because when someone breaks into the servers at Target, or Adobe, or Yahoo! or anywhere else and gets your username and password, you certainly don’t want to let them run up your credit card by buying things at Amazon. You just can’t remember all those passwords.
The convenience and security a proper password manager offers are better than anything you can do to manage things yourself and it’s more secure, too. If you’re not using one, stop right now and set one up — then help make sure the rest of your family is doing the same thing.
A password is a key to the door and 2FA is the drawbridge over the moat
I forget who said it, but 2FA (two-factor authentication) has been described this way. Imagine a castle with attackers at the gate. It has a very strong door (the password) but also has another deterrent in the form of a drawbridge that’s lifted so nobody can get over a moat filled with medieval monsters of some sort. 2FA is that drawbridge and it only gets lowered when you tell it to lower.
In non-technical terms, 2FA is simply a second way to prove your identity before access to digital data is given. You prove your identity using two of these three things:
- Something you know (a password)
- Something you have (a code from an app or text message)
- Something you are (your fingerprint)
How to set up two-factor authentication on your Google account
Most of us have used it in one form or another even if we didn’t know it. The three-digit number on the back of your Visa card is an example of something you have; ideally, you only know it if you have the card there in front of you which means you have your wallet which means you are probably the person whose name is on the front. A more complicated method that’s just as simple to understand: when you log into your computer at work the server checks to see if you swiped your employee ID to get into the building before it starts showing you any company data.
2FA for our online accounts is (thankfully) much more simple that an authentication server at work thanks to our smartphone. Using an Authenticator app you are given a short code to enter along with a password. Having this code means that you have your phone and your password — two of the three things. And as long as your Authenticator app is protected with a good password as mentioned above, only you can use it.
Two-factor authentication: What you need to know
This sounds like a lot more hassle than it really is because your phone is also secured and can be trusted. Most places that offer 2FA also allow you to say you trust the device you’re using to access it and you can bypass the step once you’ve proven your identity. As long as you have a good password on your phone and the company that makes it doesn’t allow someone unlimited tries to guess that password, you’re pretty safe.
One extra layer of security is never a bad thing!
But trying to access the same account from another device, whether it be another phone or a computer, means you’ll need to enter the 2FA code. This means you can get on Twitter or Facebook (or Amazon or your bank’s website) from your phone easily but I can’t get in from my phone or computer without having your 2FA code, which only comes to your phone. Following? It’s a great big circle of trust that doesn’t allow anyone else in it.
Google wants you to upgrade to (its) better two-factor authentication
How to install and set up Authy for two-factor authentication on your Android
Be safe, be secure
Look, we know that most of us aren’t high-profile targets with people focused on hacking into our lives. Those people have extra steps they can take, but we don’t need those. But we are all potential victims of chance when it comes to phishing attacks or corporate database breaches. Not using a password manager and 2FA whenever it’s offered is crazy.
Don’t be a victim. And don’t let the people closest to you be one, either. Use a good password manager and two-factor authentication for everything, all the time!