Saturday, December 19, 2020

How To: Two-Factor Authentication

Security: 

The word often makes us feel all warm and fuzzy inside.

We want to feel safe and secure. We buy security cameras when want to feel more secure in our homes. We use passwords for sensitive websites such as banking and utilities.

But just how secure is that password you use? 

Better yet, when was the last time you changed it?

Is it complicated or does it start with the word 'Password' and end with '12345'? 😀

One of the more secure ways to prevent others to try to gain access to your email and banking websites is to use "Two Factor Authentication" or 2FA.

Two Factor Authentication adds an additional layer of security to your accounts on the internet. Whether it be email, a social website, banking account or any other sensitive web page, Two Factor Authentication prevents those accounts from being hacked.

The two parts of the authentication is:

1. Your password

2. The code which the website or the application sends to your device. Such as your phone or tablet. This is the key to Two-Factor Authentication. A second electronic device.

How it works:
When you log in to a service account or webpage, you use your mobile phone to verify your identity by either clicking on a texted / emailed link or typing in a number sent by an authenticator app.


Authentication apps are the standard to receive authentication codes. Such apps as Authy and Google Authenticator.

Authy is available in multi platform OSs. Besides Android t's available in Windows, Mac, Chrome and iOS.

Tuesday, December 15, 2020

Tech News: US Dept Of Treasury and Dept Of Commerce email servers breached by Russian hackers

 In one of the most sophisticated and perhaps largest hacks in more than five years, email systems were breached at the Treasury and Commerce Departments. Other breaches are under investigation.

Russia-backed hackers infiltrated internal email systems at the US Treasury and Commerce departments, and were spying on email communications for months, possibly as far back as March.


The attacks, first reported by Reuters on Sunday, was apparently carried out by hackers from the SVR, Russia's foreign intelligence service.  In truth, no one knows where the damage ends; given the nature of the attack, literally thousands of companies and organizations have been at risk for months

The White House National Security Council, which reportedly held an emergency meeting on Saturday, said via spokesperson John Ullyot on Monday that it is collaborating with CISA, the FBI, and the intelligence community to respond with "a swift and effective whole-of-government recovery."

Original Article at https://www.wired.com/story/russia-solarwinds-supply-chain-hack-commerce-treasury/