What is two-factor authentication (2FA), and why you should enable it to protect your accounts from hacking, explained in detail

in hive-110112 •  4 years ago 

You have an account on a cryptocurrency trading platform or any other service, and you use a password that you think is strong and impossible to guess (say, a 36-character password containing numbers, letters and special characters), but after a while your account is compromised and you can't find a way to recover it. Maybe after a long search you discover that you were using the same password on another service that was breached, and an attacker tried that password, which you thought no one could guess, on your email (or Facebook account) and took full control of it. You may also be frustrated to learn that even strong, long passwords are not spared from compromise. So what's the solution?


First of all, I would like to point out that full protection from compromise is difficult, if not impossible, to achieve: if someone has you specifically in mind and has sufficient resources (especially a government), breaking into your account may be only a matter of time, not necessarily by guessing your password but by other means. Yet that doesn't mean we shouldn't protect our accounts with all our might. They may not withstand a government or a powerful actor, but most online attackers don't care who you are; they only want to compromise as many accounts as possible, and it is usually enough to make breaking into your account a little (or much) more complicated for them to move on to another victim.

Back to our earlier example: can breaking into an account be made a harder, more complex task? The answer lies in the use of two-factor authentication, commonly known as 2FA.

But what is two-factor authentication?
There are several definitions of two-factor authentication (Authentification à deux facteurs in French) and several ways to use it, but let's focus on its simplest and most widely used form. Two-factor authentication is a two-stage sign-in. In the first stage you are asked for "something you know", usually the password you keep in your head (or store in a password manager app/service). After it is validated, you are asked in the second stage for "something you have", usually your phone, on which a short PIN is either generated by a dedicated app (we'll talk about it shortly) or sent to you by SMS. This PIN is usually valid for a very short time (30 seconds or less), after which a new one must be generated.

That is, in order to sign in to your account, your identity is verified in two ways: you know your password and you can generate/receive a short PIN on your phone. In other words, to break into an account protected by two-factor authentication, an attacker needs to know/guess your password and also have "physical" access to your phone at the moment the PIN is generated (or find a way to read and use the SMS message you receive).

How to enable two-factor authentication on your account
There are two cases: two-factor authentication based on SMS messages, and two-factor authentication based on temporary codes generated by a dedicated app.

For the first method (SMS-based), all you usually need is to add your phone number to your profile (on the site where you want to enable two-factor authentication) and then prove that you own that number: an SMS with a PIN is sent to your phone, and you are asked to enter it on the page in front of you.

An example of enabling two-factor authentication on Twitter

Then, every time you sign in to your account, after you enter your password a short PIN is sent to your phone and you are asked to enter it to verify your identity before you are let in.
The second method requires a two-factor authentication app (examples follow shortly). On the settings page, instead of having a short PIN sent to your phone, you are asked to use the app to scan the QR code displayed on the screen. This links your phone (via the app) to your account, and from then on the app generates a short PIN for you every time you want to sign in. If this description is not clear, it will become clear with the examples I refer to at the end of this article.


Two-factor authentication apps
There are several apps, most of them available on both Android and iOS, but I will only mention the most prominent:

Google Authenticator: an app developed by Google that is the "standard" option for many users. In my opinion, one of its biggest drawbacks is that you can't easily transfer your accounts to another phone (if you switch phones), and you can't use it on more than one device at the same time.

FreeOTP+ (also available on F-Droid): an app similar to Google Authenticator, but open source, and with the ability to export and import accounts, which makes it a better choice than the Google app above.
Authy 2-Factor Authentication: what distinguishes Authy from the other apps is the ability to use the same account on more than one device at the same time, and the option to generate the codes with a desktop application as well.


But which app do you recommend?

If you have no prior experience with two-factor authentication, I recommend starting with Authy. Once you are familiar with it, if you are not comfortable with Authy's sync feature, or if you want to rely entirely on open source, you can switch to FreeOTP+. By the way, note the + at the end of the app name: this app is an enhanced version of the FreeOTP app (without the +), which does not provide the export and import feature.

How do I enable two-factor authentication on my account?

The same method is used in all cases; the only difference is where you find the activation page. Authy provides a list of step-by-step examples with pictures for the various platforms on which you can enable two-factor authentication. The pages are in English, but even if you are not fluent, it is enough to follow the steps shown in the pictures.

Note: even if the service on which you are enabling two-factor authentication asks you to use a particular app, such as Google Authenticator, you don't have to use that particular app; all of these apps work on the same principle.

What if I lose my phone?

What happens if you lose your phone? Does this mean you won't be able to sign in to your account again?

In many cases, recovering or resetting your account will be complicated. Many services, such as Gmail, generate a set of backup codes when you enable this feature, which you are asked to print and keep in a safe place, to be used if you lose your phone (or delete the two-factor authentication app without exporting the accounts in it). These backup codes will let you log in in such emergencies.

Backup codes for recovering Gmail accounts

If you use a service like Authy, you should not face this problem, since it is enough to sign in to your account in the app to find all of your accounts.

It should be noted that Authy encrypts the data before saving it, so you must not forget the app/encryption password: if you forget it, you will not be able to recover those accounts, because the encryption here simply means that even Authy itself cannot read your accounts/data.

Using an app seems complicated; can I settle for receiving the codes via SMS?

In "theory" the answer is yes, you get the same result whether you rely on SMS messages or use an app. In practice, however, relying on SMS is impractical and in some cases an insecure solution.

For example, your mobile operator may decide to "block" these messages and not deliver them, especially if it filters out text messages that do not carry a sender phone number (only a name). The messages may also be delayed (technical problems in the network), you may be somewhere without coverage, or you may be travelling in a country where you cannot receive calls or messages.

It is also possible for your phone number to be hijacked (not necessarily your phone itself, only the number), or for an app that reads the text messages you receive to be installed on your phone (by the way, have you checked all the apps you have granted permission to read SMS messages on your phone?), which weakens the protection you can get from SMS.

On the other hand, if you use an app like Authy with password protection enabled, in addition to a lock on your phone, all of this provides stronger protection.

Special Mentions
@booming01
@booming02
@booming03
@booming04
