For example, someone could make a fake Gmail login page, email you a link to this page saying your account needs an update, and then direct you to the fake site, where you then log in with your username, password, and two-factor authentication token. Two-factor authentication is still susceptible to more advanced phishing attempts. Two-factor authentication can be a bit mind-boggling if you haven’t used it before, so check out our section on setting up Authy for a visual explanation of how it works.Īlthough two-factor authentication can protect against more basic phishing attempts, where a fake website designed to look like a login page tries to steal only your password, it’s not perfect-no security tool is. It’s run by Twilio, a reputable company that clearly outlines its security practices and updates Authy frequently. The fact that the backup is optional lets you decide what, if any, security risks you’re willing to make in favor of usability. Unlike most other two-factor authentication apps, Authy includes a secure cloud backup option, which makes it easier to use on multiple devices and makes your tokens simple to restore if you lose or replace your phone. When you open Authy you see a grid with large icons that makes it easy to find the account you’re looking for, copy the security token, and get on with your day.Ĭompared with other authentication apps, Authy is also available on more platforms, including iOS, Android, Windows, Mac, and Linux, and it features PIN and biometric protection for the app. This code, which is time-sensitive, can come to you via SMS, or it can be generated by a two-factor authentication app, such as Authy, on your phone. Even if someone gets ahold of your username and password, they still can’t log in to your account without the code. When you log in to an online account with two-factor authentication enabled, the site first asks for your username and password, and then, in a second step, it typically asks for a code.
0 kommentar(er)
