Analysing Two-Factor Authentication In Security
In this article, I will be talking about two-factor authentication in security. Popular online services, such as Google, Facebook, Twitter, LinkedIn, Apple and Microsoft, use two-factor authentication to add an extra layer of security for account logins. Besides the username and password, or personal identification number (PIN) or pattern, two-factor authentication requires a second token, such as a:
- Physical object – credit card, ATM card, phone, or fob
- Biometric scan – fingerprint, palm print, as well as facial or voice recognition
Even with two-factor authentication, hackers can still gain access to your online accounts through attacks such as phishing attacks, malware, and social engineering.
Go here to find out if websites you visit use two-factor authentication in security.
OAuth 2.0
Open Authorization (OAuth) is an open standard protocol that allows an end user’s credentials to be used to access third-party applications without exposing the user’s password. OAuth acts as the middleman to decide whether to allow end users access to third-party applications. For example, say you want to access web application XYZ, and you do not have a user account for accessing this web application. However, XYZ has the option to allow you to log in using the credentials from a social media website ABC. So you access the website using the social media login.
For this to work, the application ‘XYZ’ is registered with ‘ABC’ and is an approved application. When you access XYZ, you use your user credentials for ABC. Then XYZ requests an access token from ABC on your behalf. Now you have access to XYZ. XYZ knows nothing about you and your user credentials, and this interaction is totally seamless for the user. Using secret tokens prevents a malicious application from getting your information and your data.
This figure displays the OAuth process. In the figure, there is an arrow from the user to Web app XYZ with the label "access services". Another arrow goes from the user to the servers for OAuth 2.0 with the label "Authenticates, access granted". Between Web app XYZ and the servers for OAuth 2.0, there are two arrows. One arrow, labelled "access data", goes from Web app XYZ to the servers. Another arrow, labelled "Tokens issued", goes from the servers for OAuth 2.0 to Web app XYZ.
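The flow described above, as an added example that is not code from this article or from any OAuth library: an in-memory model of ABC's servers and the XYZ app, assuming the authorization code grant of OAuth 2.0. The class, method, account and URL names are hypothetical, and the sample account is constructed.

```python
import hashlib, hmac, secrets

def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AuthServerABC:
    """Hypothetical in-memory model of ABC's OAuth 2.0 servers (no network)."""
    def __init__(self):
        self.users = {}    # username -> (salt, password hash); only ABC holds these
        self.clients = {}  # client_id -> (client_secret, redirect_uri)
        self.codes = {}    # one-time authorization code -> (client_id, username)
        self.tokens = {}   # access token -> (client_id, username)
    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, kdf(password, salt))
    def register_client(self, client_id, redirect_uri):
        secret = secrets.token_urlsafe(24)  # XYZ registers once, keeps this secret
        self.clients[client_id] = (secret, redirect_uri)
        return secret
    def authorize(self, username, password, client_id, redirect_uri):
        # The user logs in at ABC, not at XYZ, so XYZ never sees the password.
        salt, stored = self.users.get(username, (b"", b""))
        if not stored or not hmac.compare_digest(kdf(password, salt), stored):
            raise PermissionError("login failed")
        if client_id not in self.clients or self.clients[client_id][1] != redirect_uri:
            raise PermissionError("unregistered app or redirect URI")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, username)
        return code
    def exchange(self, code, client_id, client_secret):
        # Codes are single use: pop() removes the code even if this request fails.
        bound, username = self.codes.pop(code, (None, None))
        secret = self.clients.get(client_id, ("", ""))[0]
        if bound != client_id or not secret or not hmac.compare_digest(secret, client_secret):
            raise PermissionError("token request refused")
        token = secrets.token_urlsafe(24)
        self.tokens[token] = (client_id, username)
        return token
    def userinfo(self, token):
        if token not in self.tokens:
            raise PermissionError("invalid token")
        return {"user": self.tokens[token][1]}

def demo():
    abc = AuthServerABC()
    abc.add_user("alice", "correct horse")  # constructed sample account
    secret = abc.register_client("xyz", "https://xyz.example/callback")
    code = abc.authorize("alice", "correct horse", "xyz", "https://xyz.example/callback")
    return abc.userinfo(abc.exchange(code, "xyz", secret))
```

An application that is not registered with ABC, or that presents the wrong client secret, is refused at `authorize` or `exchange` and never receives a token.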
Do Not Share Too Much on Social Media
If you want to keep your privacy on social media, share as little information as possible. You should not share information like your birth date, email address, or your phone number on your profile.
The people who need to know your personal information probably already know it. Do not fill out your social media profile completely; only provide the minimum required information. Furthermore, check your social media settings to allow only people you know to see your activities or engage in your conversations.
The more personal information you share online, the easier it is for someone to create a profile about you and take advantage of you offline.
Have you ever forgotten the username and password for an online account? Security questions like “What is your mother’s maiden name?” or “In what city were you born?” are supposed to help keep your account safe from intruders.
However, anyone who wants to access your accounts can search for the answers on the Internet. You can answer these questions with false information, as long as you can remember the false answers. If you have a problem remembering them, you can use a password manager to manage them for you.