theITbaby

the IT city, the I.T. Baby

Google Authenticator
How-ToInformative

You don’t have time to be hacked, here’s a simple preventitive

Paul King 0 Comments

Google AuthenticatorYou’re a parent, you don’t got time for some hacker’s crap. Got something linked to your credit card such as Amazon, Google, Facebook, yadda yadda yadda? Don’t want hackers to access this at 3am after they’ve stolen your password from a fake login site? Your teenager knows your password is their birthday?

Here’s a free (completely,) quick and easy way to secure your accounts so that even if you use password123 on all of them you’re still somewhat secure.

2-Factor Authentication

With two-factor authentication you not only have to have your password, but you need a six or more digit code (or a phone,) in order to get in.

Upon logging into a system and going to Amazon you’ll need to have a code. You can get this via an authenticator app such as Google Authenticator, or you can have the website text you the code.

Google AuthenticatorBut what if my phone’s shot?

Assuming your phone is on the fritz, usually the services that allow two-factor authentication also allow you to have some one-time-use codes. Google and Facebook for example give you 10 and when you use those up you can generate a new one.

I have my codes sitting in a text file in a password protected archive and scrambled in such a way that I am the only one who knows how it’s scrambled. That’s probably overkill for most people, you could probably just print out a page and be good, but meh.

I’ve also got a couple of phone numbers that some of the services can call and speak with (inlaw’s phones).

This sounds like a lot of work

Setup takes a minute or so, it’s geared so that if you lose your password app you can still get a code via text message, and it makes it so even if thieves get your password they still have to get a randomly generated 16-digit timer code.

On the devices you trust such as your home computer, any device the teenager doesn’t have, your fingerprint-to-unlock phone, etc you can set it up so that you don’t have to be prompted for two factor auth at every sign in. Just on new devices. That will lower security, but meh.

How much time will this really save?

Usually the companies out there are pretty good at understanding you got hacked, password stolen, etc. I’ve heard it’s about 15-40 minutes a pop to deal with them. Multiply that times how many places you used the same guessable password that have a credit card linked.

If the company is not responsive, EG the hackers hit you on the 3rd of July, right before Christmas, etc, you’ve got that weekend spent calling any credit card companies and getting those shut down to charges.

A ruined weekend/holiday/etc

From personal experience you’re going to see the false charges hit on a Friday at 4pm so there’s next to nothing you can do about it.

Seriously, just get a two-factor app and spend that extra hour and two days with less stress with your kiddos.

Great, how do I do this?

Amazon: signed in, accounts & lists pull down, your account, advanced security settings, enable two step verification.

Google: go here

Facebook: (web) pull down top right arrow, settings, Security, set up trusted contacts, then go to login approvals.
Facebook: (app) hamburger menu (top right) account settings, somewhere in there but my app is being a pain as of writing.

Paul King

Paul King lives in Nashville Tennessee with his wife, two daughters and cats. He writes for Pocketables, theITBaby, and is an IT consultant along with doing tech support for a film production company.