Tech Break

Apr 17th 2017

Tech Break 3926

Multi-Factor Authentication

MFA is a way to secure your online accounts that get's us closer to the "perfect perfection".
Category: TWiT Bits

Multi-Factor Authentication (MFA) is a way to secure your online accounts that get's us closer to the "perfect perfection".

* Something you know
* Something you have
* Something you ARE

A username and password is only "Something you know" - so it's a single factor authentication

Something you ARE is something like fingerprints, retinal scan or facial recognition.

We're adding a mobile-based verification to our Google account so it's "Something you Have"

1. Log into with your account
2. Go into "My Account"
3. Under "Sign-in & Security", click "Signing into Google"

Before continuing, this is a good time to set your "recovery email" & "recovery phone" to accounts that are NOT served by your Google account.
* In other words, once you enable 2-Factor authentication, you will require a verification to enter your Google-connected resources. If you setup to send that verification to a Google-connected resource, you won't be able to access the account to get the verification without first verifying the account.

4. Under "Password & sign-in method" click "2-Step Verification"
5. Click "Get Started" (you'll have to sign-in)
6. Enter the phone number of the mobile that will receive your verification codes
7. Enter the code you just received on your phone.

** You are now setup to use 2-Factor Authentication for ALL your Google-connected resources. Anytime you want to access a Google-connected resource from a NEW browser/computer/device/location, you WILL be required to have a verification code that is sent to your device.

Bonus Features!
There are several features available in Google MFA that you really should use.

1. Backup Codes
* If you've ever worried about being able to access your account after you lose your device or if you're out of connection range, this is for you.
* This will give you a set of 10 one-time use verification codes.
* EACH TIME you press "Get New Codes", it will eliminate the old codes from the authentication list
* You can download them to a thumb drive/laptop or print and keep in your wallet.

2. The Authenticator
* This is an app you can download to your Android or iPhone that will give you verification codes even when your phone is offline.

3. Backup Phone

4. Security Key
* A Security key is a device (usually USB) that acts as your second-factor w/o you needing to type anything in.
* You MUST have the device in order to sign in.

Pro Tip:
* Every once in a while, revoke access from ALL trusted devices. This will require you to MFA for all your devices, but it "clears the table" of any devices you may have authenticated and forgotten.

Bandwidth for TWiT Bits is provided by CacheFly.