How to Set Up A Two Factor Authentication

written by Calvin Hendryx-Parker on Monday January 26, 2015

Overview

Between security leaks at the sites you visit and brute-force attacks, keeping the bad guys out of your accounts has become increasingly difficult. One way to limit your exposure is to use Two Factor Authentication (TFA) on your accounts. We highly recommend you go through the steps to set up TFA on any service you use that supports it. You may not think much of some service, but the bad guys can use what may seem like unimportant accounts to gain additional information in order to access more sensitive accounts later.

Getting Set Up

There are a few different forms of TFA commonly supported by sites and services. Probably the most common and easiest to use is to register your mobile phone number with the site and have it send a text to that number when you log in. The site will then require you to enter the code from that text after logging in and before you can access your account. With this type of TFA in place, a potential bad guy would need to have your phone in hand to receive the SMS, even if he had your real password.

One-time Passcode Methods

Other common TFA technologies include:

Both of these technologies use a one-time passcode (OTP) to give the holder of the item a number that is good for a limited timeframe. Much like the SMS TFA option, these require the account user to have the physical device that is generating the OTP codes in hand to log in.

To get started using one of these technologies, you would need to either purchase a YubiKey or install the Google Authenticator app onto your device. Google Authenticator supports many platforms including the Pebble smart watch. Once installed, you will add keys per application and/or site you want to access.

Biometric Methods

With the new iPhone 6, it is also possible to use biometric authentication to allow access to services such as LastPass. The new apps will support the iTouch technology, and each time you log in or launch the app, it can verify your identity using your fingerprint.

Common Sites that support TFA

One service we use at Six Feet Up and always want to protect with TFA is LastPass. Luckily, LastPass supports all of the technologies covered in this article, plus others such as:

EXAMPLE: To enable one of the available TFA methods for a LastPass account, just log in to your vault and go to “Settings”. The “Security” tab will have the Grid and Fingerprint options listed, but the other multifactor methods are listed on the “Multifactor Options” tab. Once you choose your method, LastPass will walk you through setting up your device.

Tip: Make sure to check your bank’s website, and if they don’t support TFA yet, email them to ask that they add it.

Here are some other commonly used sites that will allow you to set up TFA:

  • AWS – SMS, Gemalto, Google Authenticator
  • Google Apps – SMS, YubiKey, Google Authenticator
  • Twitter – SMS, App Push Notifications
  • Facebook – SMS
  • Hootsuite – SMS, Google Authenticator
  • Directnic – Google Authenticator
  • Apple ID – SMS, iOS Push Notification
  • GitHub – SMS, Google Authenticator
  • PayPal/eBay – SMS
  • Dropbox – SMS
  • Evernote – SMS, Google Authenticator
  • Skype – via your Microsoft Account

If you want to find other services that do support TFA, the Two Factor Auth site lists many options that are available.

Did you find this article useful? Want to learn more about TFA? Leave a note in the comments and be sure to sign up for our Plone & Python How-To digests to receive more how-to guides as soon as they are published!

 
Posted by Deborah on Jan 29, 2015 06:43 AM
Calvin, thanks for the nice article. I was looking for a 2fa solution for my business (internal user's login). I was searching through OATH web-site and twofactorauth site to find a provider and stopped with Protectimus (https://www.protectimus.com). 2 big advantages for me: - 20 minutes to integrate it to my system - affordable price comparing to others. yubico and duo prices are UNREAL0 ((
Posted by jim on Jan 29, 2015 11:25 AM
Hi Deborah! The article above is more about how an individual can choose to use two factor authentication on their personal accounts at places online like LastPass. In this situation you can get a YubiKey for $25 one time fee and be done. No recurring costs. Yubico also offers free open-source one time password servers in Python (which we love!) or PHP. If you want to offer two factor authentication for a website or web app you are building that the public would use, we recommend supporting some of the standard existing systems like Google Authenticator. Protectimus could be a good solution for banks or other organizations that need to control their two factor authentication. Thanks!
Calvin Hendryx-Parker
Chief Technology Officer