Remember the good ole days? You had a password you used for everything. It was something that was easy to remember — your child’s name, a pet’s name, your name. Well, those days are long gone. The bad guys seem to be upping the ante on a daily basis.
If you want to keep your personal information secure, you should be using two-factor authentication (2FA). It may sound complex, but it’s not.
What Is It?
Two-factor authentication is a security process in which the user provides two means of identification from separate categories of credentials. We already use 2FA when we use a debit card. One credential is physical — the debit card — and the other is often something memorized, such as your personal identification code.
It works a little differently with online browsing and computers.
Where You Can Use It
Ticketmaster just started enforcing use of 2FA. If you want to download and print your tickets, you need to provide a code they send to your registered email. You will see 2FA popping up more frequently every day, and in some instances, you can’t opt out from using it. Google, Facebook, Twitter, Microsoft and LinkedIn are just a few companies embracing 2FA.
By requiring an additional factor, such as secret code sent by text to your phone or via email, the risk of being impersonated is dramatically reduced.
Google does a great job making 2FA easy. You can opt to register devices (a cell phone, iPad, etc.) and enter a lengthy one-time code. If your device is stolen or lost, you log into Google and remove that device from your trusted list. Also, when you first activate 2FA and initially log into a web browser with your username and password, a six-digit code is generated and sent to your cell phone via text messaging. In order to complete the log-in process you must next enter the six-digit code. At that time, you can opt to have Google remember and trust that browser, eliminating the need to use a six-digit code when you return to Google on that specific browser (Firefox, Chrome, etc.) from that same computer.
Banks are now starting to ask additional questions after you log in from a new device. That’s what’s important — because someone who is trying to log into your bank most likely isn’t doing it from your computer, but from a computer in Russia, China or other location. If you use two-factor authentication, you can stop that from happening.
Why Attorneys Should Care
I’ve seen attorneys and staff say this is too much work and skip voluntary 2FA, but we need to remember the risks of information being compromised. Not only can your bank account and personal information be stolen, but hackers often send out “spoof” emails from your account to everyone in your address book and include malicious embedded links. If you or your friends and clients click on those links, malware can be installed on your computer, making all of your data and files visible to the bad guys. This is where the real trouble starts.
Terrapin recommends you start using 2FA for your personal email and social media accounts. It doesn’t take much effort but can make a big difference in protecting your data. You can get started through these links: