With every hack, every breach, every lost or stolen phone, online users experience a similar feeling: How do I enhance my online security?
Usernames and passwords – no matter how unique they might be – are not poised to protecting your accounts and devices anymore. What’s even worse, more than 65% of users use the same password everywhere, making it incredibly easy for hackers to breach your account.
So, the question arises, what you can do to enhance your online application security?
Google Authenticator offers you an extra layer of protection, in addition to passwords, to drastically reduce the chance of a security breach in your web application.
What is Google Authenticator and how does it work?
Google Authenticator is a popular, free mobile security application based on two-factor authentication (2FA) that works to verify user identities before granting them access to websites and services. To access any website or web-based services, the user needs to type his normal username and password. Once done, the user then enters the code, typically a six-digit password that is delivered to their smartphone triggered by the login and is sent to the phone via text, voice call, or the mobile app. If the user has a security key, it can be inserted into the computer’s USB port.
The code received on your phone is explicitly created for your account and only when you need it. This code can only be used one time and expires in 30 seconds.
This verifies that the same person entering login to any website or website service is in possession of the device or security key to which the Google Authenticator app was downloaded.
However, if you are using the same device for all your work, Google Authenticator will only ask for your password when you sign-in. But, when you or anyone else tries to sign in to your account from another
computer, the app will again ask for the verification.
The two-step verification allows you to secure your account with something you know (password), and something you have (Security key or your phone).
Features of the app
- The app sends verification codes to your cell phone via text message or Google can call your cell or landline phone with your verification code.
- It can generate verification codes even when your device has no phone or data connectivity.
- Users can use a Security key for advanced protection.
- Backup codes can be printed or downloaded when your phone is unavailable, for example, when you travel.
Google Authenticator is a must-have for:
- Online Banking
- Online Shopping
- Cloud Storage Accounts (Dropbox, Box, Sync)
- Email (Gmail, Yahoo, Outlook)
- Social Networks (Facebook, Twitter, Linkedin, Tumblr)
- Password Managers (LastPass)
- Communication Apps (Skype, Mailchimp)
Google Authenticator’s purpose is to make attackers’ life harder and make it more difficult for cybercriminals to breach your account. If you already follow basic password security measures, Google Authenticator will help reduce fraud risks because most cyber crimes are conducted via the Internet, and it is highly unlikely that the cybercriminal will also have access to your physical device.