Strong Authentication Now
Posted by TestOut Staff on
A week ago I received a phone call from an individual claiming to be from Microsoft. He said they were “monitoring my computer and detected that it is performing at a very slow speed.” As an implacable nemesis of Bill Gates, I was immediately suspicious. Even more so when he directed me to read him my IP address.
Now as a regular reader of tech blogs I realized that this was a hacker looking for an easy score. I decided to mess with him. I did everything I could to keep him on the line, pretending I couldn’t find my glasses, couldn’t hear what he was saying, stumbling through fake numbers, and so forth. After about 10 enjoyable minutes, I asked if he could hold on while I went the bathroom — he hung up on me.
While it’s fun to antagonize these scoundrels, it’s no laughing matter that they and others of their ilk are out there every day ripping people off. In 2015, hackers stole an estimated $15 billion from U.S. consumers due to identity fraud, and in 2014, 47 percent of American adults had their personal info stolen by hackers — primarily through data breaches of large enterprises. More alarming is that the FBI says more than 80 percent of cybercrimes go unreported due to an inability to report them — or lack of awareness that they even happened.
One reason why identity fraud is easy to commit is because so many of us use the same password for multiple accounts. What logs us into our email also logs us into eBay, Amazon, LinkedIn, Facebook, electronic banking and a host of social media sites. A cyber crook stealing one password can cause a great deal of damage before we even know we’ve been ripped off.
That’s why there is a serious movement to leave passwords behind. This effort is being led by the White House and the National Cyber Security Alliance (NCSA) with their “Lock Down Your Login” Internet safety and security initiative. The initiative’s goal is to empower Americans to better protect their online accounts by moving beyond passwords.
In spite of the evidence that passwords and usernames aren’t protecting our accounts, 72 percent of Americans still believe they are, yet every two seconds there is another victim of identity fraud.
The NCSA recommends that we all use “Strong Authentication” to secure our online access. Strong authentication refers to using a two-factor authentication or login approval that is more than just a username and password. It’s a way to “lock down your login” by helping you prove you are who you say you are by providing multiple forms of verification just like an ATM that requires your bank card and pin number. This added layer of protection makes it more difficult for cyber thieves to access online accounts.
The initiative recommends three methods to better secure your online accounts:
Security keys — A small device in your possession that you plug into your USB port when logging in.
One-time codes — A unique code that you enter into a website or app that is sent to you.
Biometric markers — A fingerprint or camera for a facial scan, usually found on your mobile device.
More sites are utilizing strong authentication, seeing it as a way to fortify consumer accounts. To learn more about implementing string authentication and web sites and services, click here.
The internet is here to stay. It’s a great place to buy things and connect with others, but it’s also an increasingly dangerous place. We are in a war between cybercrime and cybersecurity — it’s time to get serious and move beyond the outmoded simplicity of passwords and usernames.
About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. If you must use a password, then Calvin suggests becoming familiar with the Correct Horse Battery Staple paradigm.