Why two-step authentication is important and how to set it up: Instructions from cybersecurity experts

Why two-step authentication is important and how to set it up: Instructions from cybersecurity experts

Kyiv  •  UNN

April 2 2024, 03:21 PM • 100545 views

Two-factor authentication provides an additional layer of security for messengers and information systems by requiring a second form of authentication, such as a one-time code or USB device, in addition to a login and password, which makes it difficult for unauthorized access and protects user data and accounts.

The Government's Computer Emergency Response Team of Ukraine has developed instructions on how to set up two-factor authentication (abbreviated as "2FA") for some messengers and information systems. The instruction in pictures from CERT-UA specialists on how to do this on their gadgets is published by UNN.

Details

Two-step authentication (2FA for short) can be installed on the following messengers and information systems:

  • Telegram
  • Signal
  • WhatsApp
  • Viber
  • Ukrnet (you will have to install an authenticator application)
  • Google (you will have to install an authenticator application)
  • Facebook (you will have to install an authenticator application)

For all messengers, you need to come up with a login (usually your phone number - ed.) and password. This is the first stage of owner authentication.

The second factor is usually an additionally created password (PIN), a one-time code generated in a corresponding application (Google Authenticator, Microsoft Authenticator) or a USB device (hardware key, token) such as Yubikey. At the same time, the use of one-time codes in SMS as the main means of 2FA is not recommended.

If your username and password are stolen (compromised), it will be more difficult for third parties to access your account because they will not know the additional password and/or will not be able to generate a one-time code. Instead, you will receive a notification about an attempt to access your account, which will signal a leak and the need to change your login and password.

"Two-factor authentication is a guarantee of confidentiality of your data and an additional barrier to fraudsters trying to hijack your account or initiate fundraising on your behalf.

- cyber experts explained the importance of this event.

However, they also warned of a certain risk in case of loss of the gadget. They also explained how you can protect yourself in this case.

If you lose the phone with the authenticator app, you may not be able to access the corresponding account. For this reason, when setting up 2FA using the app, additionally generate codes to restore access and/or provide an alternate phone number or email address.

- added to CERT-UA.

CERT-UA noted that public mail services are often used as the main "corporate" means of electronic correspondence. In view of the above, they called on managers and persons responsible for cybersecurity to ensure that their employees make the appropriate settings.