A common trend I see is the rush to turn on 2FA like Google Authenticator and Authy, but do people understand why it’s so effective? Google Authenticator and Authy are TOTP (Time-based One-time Password) 2FA. I’m going to show you what makes TOTP 2FA so effective and why this matters. How TOTP 2FA Works When …
Read moreWhy Google Authenticator and Authy 2FA Are So Effective?
We don’t need SMS 2FA. I’m going to break down why we don’t need SMS 2FA and give you a replacement that is not only better but cheaper and easier too. What Is SMS 2FA? Hopefully, if you’re reading this, you have a good understanding of SMS 2FA. If you don’t, SMS 2FA is the …
What’s more important? Password length, complexity, or strength? Neither. None of those things is as important as uniqueness of your passwords. Why Uniqueness Is The Most Important Factor? The reality is that you’re more likely to have someone obtain your password from a previous breach then someone to guess your password. Attackers know a lot …
If websites generated passwords for their users, it would fix so many problems. It would… Keep users from reusing passwords. Keep users from using weak passwords. Remove the anxiety of creating passwords. Show people they don’t need to remember every password. Be less complicated than doing 2FA. Be easy to write down. Speed up and …
If you’re on the fence about getting a password manager give this article a good read. Some of these reasons may seem obvious, others may come as a surprise. What I can guarantee you is that there will be even more reason to use a password manager that you won’t realize until you get one. …
There has always been a hot topic of getting rid of SMS 2FA because of its insecurities. NIST was going to drop it from its recommendation but backed out after much controversy. Now in 2020, a Princeton University study has come out demonstrating how bad SMS 2FA can be exploited. They even went as far …