🔒 It's Safer Internet Day! Two mechanisms to prevent account hacking


Hi! My name is Narendra Vardi, and I write about my learnings, observations and trends in the Software world. Besides software, I also talk about photography, travel stories, books and movies. If that's something that interests you, consider subscribing.


Recently a friend of mine called me. He mentioned that their Instagram account had been hacked and was being misused. He asked me if there was a way to retrieve the account. Unfortunately, I didn't have any helpful answers.

On the occasion of Safer Internet Day, I thought of discussing how you can prevent this situation on most websites. Some of you might already have used these mechanisms, knowingly or unknowingly.

This is a two-step process.

  1. Using a password manager.
  2. Using two-factor authentication.

Using a Password Manager

One of the simplest forms of prevention is using a different password for each website. Besides this, avoid the most commonly used passwords. A password should be difficult for hackers to guess.

This is common sense; I am sure you are already aware of this. But why do we not use different passwords? Because our memory has limitations. That's where password managers help us. They generate a unique password for each website, and they fill in the password on that website so that we don't have to memorise it.
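As an added illustration (not code from the original article or from any particular password manager), here is a sketch of the two ideas above: generating a unique random password per website, and flagging reused or commonly used passwords in a vault. The site names, the vault contents and the short common-password list are constructed for the example.

```python
import math
import secrets
import string

# Character set assumed for this example: ASCII letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed sample of commonly used passwords (illustrative, not a real blocklist).
COMMON_PASSWORDS = {"123456", "password", "qwerty", "111111", "letmein"}


def generate_password(length=24):
    """Return a random password that contains every character class."""
    if length < 4:
        raise ValueError("length must be at least 4 to include every class")
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in candidate) for cls in classes):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on the entropy of a uniformly random password, in bits."""
    return length * math.log2(alphabet_size)


def audit_vault(vault):
    """Return (reused, common): sites sharing a password, sites using a common one."""
    by_password = {}
    for site, password in vault.items():
        by_password.setdefault(password, []).append(site)
    reused = sorted(s for sites in by_password.values() if len(sites) > 1 for s in sites)
    common = sorted(s for s, p in vault.items() if p.lower() in COMMON_PASSWORDS)
    return reused, common


if __name__ == "__main__":
    # Constructed vault: two sites share one weak password, one uses a generated one.
    vault = {"social.example": "qwerty", "mail.example": "qwerty",
             "bank.example": generate_password()}
    print(audit_vault(vault))
    print(f"{entropy_bits(24):.0f} bits for a 24-character generated password")
```

The audit shows why reuse matters: a leak of the one shared password exposes every site that appears in the `reused` list.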

Bonus: One of the bizarre passwords I have seen people with a password manager use is 4PMf?,^t(Nr+V3tww9pn8&uB'zHsg=KFud/~/E"j&tcP"_y:bhE5Wn9X+&PuCnY*Ee.aaJ 😂

The only remaining problem is a compromised password, which, based on my experience using a password manager, is very rare. For this case, we make use of two-factor authentication.

Enabling Two-factor Authentication

Have you ever received a text message like "Your security code to login is: XXXXXX"?

This mechanism is called two-factor (or sometimes multi-factor) authentication.

Multi-factor authentication (MFA), sometimes called two-factor authentication (2FA), is a security enhancement that requires you to present two pieces of evidence when logging in to an account. Your credentials must come from two different categories to enhance security.

The first category is your password, and the second category will be the code from two-factor authentication.

Here's the list of factor categories that two-factor authentication mechanisms draw from:

  • Knowledge factors: Something you know; like a password, PIN, or security questions
  • Ownership factors: Something you have; like a mobile device (text message), email account, or a USB security key (e.g., YubiKey)
  • Inherence factors: Something you are; biometrics; like your fingerprint, iris pattern, or facial features

(The above list is taken from Danny Sheridan's November 30: Types of Multi-factor Authentication substack article)

Best practice: Always enable more than one type of two-factor authentication mechanism and save the security codes or QR codes provided by the website while enabling the two-factor authentication.

