Some new content on my personal blog looks at how Google Authenticator can help protect you online.
One post looks at the concept of multi-factor authentication and the advantages and disadvantages of the three types of factors...
- Possession Factors – Something You Have: a key or credit card, also tokens like single-use PIN numbers.
- Knowledge Factors – Something You Know: a password, PIN number or "secret question" like "what was your mother's maiden name?"
- Inherence Factors – Something You Are: a fingerprint, retina scan, etc.
... and how combing different factors in multi-factor authentication makes the authentication process stronger. One example would be the new Chip and PIN credit card authentication model. Right now using a credit card really only requires a single possession (something you have) factor – the credit card itself. Adding a second factor, a something-you-know knowledge factor in the form of a PIN – makes the entire process more secure.
A second post looks at the Google Authenticator app and how it can be used to better secure many websites and services by adding an additional factor(s) in the form of a token (single use PIN – something you have).
Authenticator is a great tool. I was reluctant to make the authentication process more cumbersome until some research into security card breaches and other well publicized hacks, right about the time I was starting to experiment with mining crypto currencies, got me moving. It was a good change to make and I'm now using Authenticator whenever possible.