• Latest
  • Trending
How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

August 19, 2022

PR NEWS WIRES – Step-by-step instructions to Compose Press Releases That Work And Get Free Exposure

November 29, 2022

PR Wires – High-level PR – Getting Your Press Release to Someone Who Cares

November 28, 2022
PR Wires – Involving a Press Release Administration as a Type of External link establishment

The One Press Release Pricing Tip You Shouldn’t Be Without

November 26, 2022
Press Release and Press Pack Fixings

Several Tips for Writing Effective Press Releases

November 25, 2022

Five Stage Manual for Power Press Release Benefits

November 25, 2022
Write a Press Release for Your Business

Startling Facts About PRWeb Pricing That You Never Knew

November 25, 2022

PR Wires – Involving a Press Release Administration as a Type of External link establishment

November 25, 2022
Must Haves in a Social Media Press Release

The Little Known Benefits of Video Press Release Service

November 24, 2022

PR Wires – The Do’s and Don’ts of Composing A Press Release

November 24, 2022
PR Wires – Making a Press Release Site With A Press Release Content

Must Haves in a Social Media Press Release

November 23, 2022

PR Wires – Making a Press Release Site With A Press Release Content

November 23, 2022

Instructions to Compose and Submit Online Press Releases Like an Expert

November 22, 2022
  • About us
  • Advertise With Us
  • Become a Contributor
  • Guest Posting Service
  • Privacy Policy
  • Submit Press Release
  • Contact
  • Terms & Conditions
Wednesday, January 25, 2023
Latest News and Updates on Cryptocurrency
  • Login
  • Home
  • Market
    • Analysis
    • Guide
  • Binance
  • Bitcoin
  • Blockchain
  • Coinbase
  • Crypto
    • Crypto Exchange
  • Ethereum
  • Finance
  • Litecoin
  • Ripple
  • Tether
No Result
View All Result
Latest News and Updates on Cryptocurrency
No Result
View All Result

How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

by admin
August 19, 2022
in Guide
383 16
0
How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

There are many ways to improve your security with multi-factor authentication, but some kinds offer more protection from hacking and tracking.

YOU MAY ALSO LIKE

Unpacking The “Lummis-Gillibrand Responsible Financial Innovation Act”

Bitmedia: Cutting through the noise with granular ad control

This is an opinion editorial by Heidi Porter, an entrepreneur with 35 years in technology.

Hacks will continue to happen where your account is compromised or people are sent to a nefarious site and accidentally download malware instead of verified software.

This will be the first in a series of articles around more resilient user security for your accounts, nodes and apps. We’ll also cover better email options, better passwords and better use of a virtual private network (VPN).

The reality is that you’ll never be completely secure in any of your online financial transactions in any system. However, you can implement a more resilient toolset and best practices for stronger security.

When we log into an online account, we’re often aiming to thwart an attacker or hacker using extra layers of verification — or locks.

Compared to your own home, multiple locks give more security. If one form of authentication is good, such as a password, then two forms (aka MFA) can be better.

Note that if you ONLY use biometric authentication, that is single-factor authentication. It’s just the biometric of whatever modality you’re using: thumb, iris, face recognition, etc. If you use 1 hardware key without a passphrase, that is also single-factor authentication.

However, if a biometric or key is used as a 2nd factor, it can meet the goal of multifactor authentication and be more secure than many app-based MFA.

With MFA, you must use at least 2 of these 3 authentication mechanisms:

With MFA, you must have at least two authentication mechanisms.

If or when they eventually support MFA, at a minimum, you should have MFA set up for your:

Note: Each account or application needs to support the type of MFA that you are using and you must register the MFA with the account or application.

MFA providers often include less secure options such as:

MFA providers sometimes also include more secure options such as:

Guess what type of MFA most legacy financial institutions use? It’s usually one of the less secure MFA options. That said, authenticator apps and hardware keys for MFA are not all created equal.

First, let’s talk about the marketing of MFA. If your MFA provider touts itself as unhackable or 99% unhackable, they are spouting multi-factor B.S. and you should find another provider. All MFA is hackable. The goal is to have a less hackable, more phishing resistant, more resilient MFA.

Some MFA is more hackable.

Some MFA is more trackable.

Some MFA is more or less able to be backed up.

Some MFA is more or less accessible in some environments.

Multi-factor authentication is more securely accomplished with an authenticator app, smart card or hardware key, like a Yubikey.

So if you have an app-based or hardware MFA, you’re good, right? Well, no. Even if you are using app-based or hardware MFA, not all authenticator apps and hardware devices are created equal. Let’s look at some of the most popular authenticator apps and some of their vulnerabilities with tracking, hacking and backing up.

Just like many financial and data companies, Bitcoin companies have been the target of multiple data breaches where attackers have obtained email addresses and phone numbers of customers.

Even without these breaches, it’s not especially hard to find someone’s email addresses and phone numbers (as mentioned in previous articles, best practice is to use a separate email and phone number for your Bitcoin accounts).

With these emails, attackers can perform phishing attacks and intercept the login credentials: both password and multi-factor authentication you have used as a second authentication factor for any of your accounts.

Let’s take a look at a typical MITM phishing attack process:

As an aside, be sure you have MFA attached to withdrawals on a wallet or exchange. Convenience is the enemy of security.

Important Note: Although I have not looked into all of these for my personal use, I believe any Bitcoin builder or Bitcoin company SHOULD ask their third-party providers or integration providers to provide details about what kind of MFA provider they use and ensure that it is phishing-resistant. 

There are two caveats for hardware keys:

Smart cards are another form of MFA with similar phishing resistance. We won’t get into the details here as they seem to be less likely to be used for Bitcoin or Lightning-related MFA.

Another consideration for multi-factor authentication is whether you would ever be in a situation where you need MFA and cannot use a cell phone or smartphone.

There are two big reasons this could happen for bitcoin users:

There can be other restrictions on cell phone use due to customer-facing work environments or personal preference. Call centers, K-12 schools or high-security environments like research and development labs are some areas where phones are restricted and you would therefore be unable to use your phone authenticator app.

In these special cases where you are using a computer and don’t have a smartphone, you would then need a smart card or hardware key for MFA. You would also need your application to support these hardware options.

Also, if you cannot use your cellphone at work, how are you supposed to stack sats in the restroom on your break?

MFA can be hacked and your accounts can be compromised. However, you can better protect yourself with more resilient and phishing-resistant MFA. You can also choose MFA that is not tied to your phone number and has an adequate back-up mechanism or ability to have a spare key.

Ongoing defense against cyber attacks is a continuing game of cat-and-mouse, or whack-a-mole. Your goal should be to become less hackable and less trackable.

This is a guest post by Heidi Porter. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine.

source

Tags: Crypto NewsCrypto WorldCryptocurrency NewsLatest Crypto NewsToday Crypto UpdateTop Cryptocurrency News
Share219Tweet137Share55

Search

No Result
View All Result

Recent News

PR NEWS WIRES – Step-by-step instructions to Compose Press Releases That Work And Get Free Exposure

November 29, 2022

PR Wires – High-level PR – Getting Your Press Release to Someone Who Cares

November 28, 2022
PR Wires – Involving a Press Release Administration as a Type of External link establishment

The One Press Release Pricing Tip You Shouldn’t Be Without

November 26, 2022
Latest News and Updates on Cryptocurrency

Get the latest news on Cryptocurrency and stay up-to-date ... Cryptocurrency prices today

Recent News

  • PR NEWS WIRES – Step-by-step instructions to Compose Press Releases That Work And Get Free Exposure
  • PR Wires – High-level PR – Getting Your Press Release to Someone Who Cares
  • The One Press Release Pricing Tip You Shouldn’t Be Without

Crypto Update

  • Crypto Exchange
  • Analysis
  • Bitcoin
  • Finance
  • Guide
  • Market
  • About
  • advertise
  • Privacy & Policy
  • Contact Us

© 2022 Cryptoandcream.com

No Result
View All Result
  • Home
  • Market
    • Analysis
    • Guide
  • Binance
  • Bitcoin
  • Blockchain
  • Coinbase
  • Crypto
    • Crypto Exchange
  • Ethereum
  • Finance
  • Litecoin
  • Ripple
  • Tether

© 2022 Cryptoandcream.com

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In