Posts Tagged ‘Google Authenticator’

23
Oct
2018

Some tips on protecting your information!

categories: Uncategorized

It is National Cybersecurity Awareness Month (NCSAM) and I thought I will share some of the ways I protect my information. Spoiler alert: you may not find anything that you already don’t know and I may have written about these earlier. And if you came to the event at Wellesley last Friday, you already heard about these from me. But I hope this serves as a good reminder about some of the best practices for keeping your information safe.

Passwords & Passphrases

I use fairly long and complex passwords. I prefer passphrases wherever they are supported. It is so sad that so many systems still do not support passphrases and are restrictive in terms of the length of the passwords. As a rule, I use different passwords for different systems. I will be very happy to privately share with anyone who is interested in knowing more about how I maintain/remember all of these passwords. I also avoid saving passwords for some of the critical systems and financial institutions in my browser’s password manager. They are safe and continue to be safer, but, if ever someone steals my Google Password AND bypasses two factor authentication, they will have access to all my passwords (paranoia!).

To change the passwords often or not is an age old question and I believe that having a long and hard to guess password is much better than changing passwords often. One of the reasons for mandating the password change was that if hackers had access to your password, changing it prevents them from accessing your data and that it is hard for them to guess your new password. With the exponential increase in computing power, the moment your password has been hacked, a lot of your information has already been accessed before you can change the password. Secondly, it has been shown that mandatory password changes result in predictable password patterns that are easier to guess than one can imagine. I encourage you to read this article “Time to rethink mandatory password changes” on this subject. So, my advice – make passwords long and hard to guess.  (more…)

25
May
2015

2 Factor Authentication – How I panicked today

categories: Uncategorized

I have been using the two factor authentication for Google for quite some time and have never had any issues. I have it turned on for both my personal Google account as well as for my Wellesley account. On the latter one, it is of limited use because of our own use of single sign on. I experienced a real panic this morning that was an eye opener for me.

All began with me getting excited about a Chrome extension called Spaces for Chrome. Since I am big user of spaces on Mac OS, I got all excited about using this. I typically have 20-25 tabs open in my Chrome browser and I hate restarting it. Since this Chrome extension seemed to address grouping of the tabs as well as CPU/Memory savings, I thought I would try it out. I installed and happily reorganized my tabs based on some themes. Then I noticed that the Calendar extension had a red X on it. It said I needed to reauthenticate. So I did. Since I have set up two factor authentication, I was sent a code and everything seemed OK. But then, the red X came back. Disclaimer: I have no proof that it is this chrome extension that caused the problem. It is just an assumption!

I went to look at Chrome settings and it had an authentication failure. I reauthenticated, got the code on my cell phone and everything was fine again. Except… (more…)