CERT.br (Center for Studies, Response and Treatment of Incidents of Internet security in Brazil) has provided a booklet that explains the process of 2-step verification or authentication. The chapter is part of the Internet Security Primer.
The most common types of the procedure are verification codes, which may or may not be specific; the password generator token; the security card; the reliable device; the backup / reserve code list and recovery key. Each is described in the new issue, which also explains the care the user must take when using each one.
Although widely used for site authentication, passwords are not always secure enough to guarantee user identity. “Cases like the invasion of Hollywood celebrity accounts that had their privacy exposed and attacks on Twitter profiles of major media outlets could have been avoided if two-step verification had been used,” explains Miriam Von Zuben, analyst security center.
To make your password secure, Miriam highlights combinations you should avoid: any kind of personal data, keyboard strings, and words that are on publicly known lists such as song names and football teams. Random numbers, a large number of characters, and different types of characters, on the other hand, can contribute to less vulnerable code.
Internet Security Primer is available on here.
In addition to “2-Step Verification,” the archive features issues about accounts and passwords, malicious code, internet banking, mobile devices, privacy on social networks, and more.
Source: Digital Look
Want to learn more about authentication with RSA tokens?
Contact us: [email protected]