Scammers, hackers and phishers are good at what they do and are always improving or changing their methods. One of the best methods for counteracting the damage a malicious third party can do with an ill-gotten password is two-factor authentication. Google Authenticator is a tool you can use to standardize the two-factor authentication process, making it smoother and more secure at the same time.

What is two-factor authentication?
Two-factor authentication is a mechanism that essentially requires input from two separate sources or devices to gain access to your account. For example, if two-factor was enabled on your Gmail account and you were signing in via your laptop, you would enter your password and Gmail would notify you that a code was being sent to your phone. You would then check the text message you receive on your phone and enter the code from the text message into Gmail to unlock your account.

Why two-factor authentication?
We often hear horror stories about identity theft that begin with a malicious actor breaching a single account and then gaining access to other resources from there. Once a hacker has breached an email account that is associated with your Amazon or PayPal login, they can reset the passwords for those sites and gain access to them. Two-factor ensures that for someone to gain entry to your email, they would need to be in physical or virtual control of your phone or other device. If a malicious actor was trying to access your account, you would receive a message asking you if this attempt was legitimate, often pinpointing the geographic location of the individual trying to sign in. Not only does this make it exponentially more difficult to gain access, but it alerts you to the attempt so you can take steps to change your passwords or monitor your other accounts for suspicious activity.

Google Authenticator, An Extra Level of Safety
The only practical way for an attacker to subvert two-factor authentication would be to obtain your primary login credentials for the service, website or server you are accessing, then intercept the SMS (text message) containing the secondary code, inputting it before it expires. As unlikely as this scenario sounds (The attack would need to be very targeted and rather sophisticated) it is possible. The advantage of Google Authenticator is that the app will not be sending anything. When you do the initial setup of Google Authenticator, you take a picture of a QR code with your phone, this launches a randomized algorithm and a seed algorithm. On the backside of your account and within your phone, the same algorithm is performing the same calculations at set intervals, meaning that the account and the app on your mobile device can both generate the same unique code at the same time, without sending anything via data or Wi-Fi. It will even work when your device is in airplane mode.

If you are interested in using Google Authenticator to secure your accounts, you can find instructions for downloading the app here. If you need assistance implementing Google Authenticator within your organization, call Mankato Computer Repair today.