Two Step Authentication

Interview & Tips from Gravity Payments' Senior Security Engineer Mick Grove

Two Step Authentication | Risky Business Ep 02

Mick Grove and Dan Carroll discuss two step authentication, what it is, why it is useful and how you as an individual or business owner can implement it today. Two step authentication is a very secure way of protecting your online platforms from cyber attackers trying to infiltrate systems that require a login, such as email, social media, banking accounts, etc.

Two Step Authentication: Video

 

 

Set-Up Two Step Authentication (Gmail):

Signing in with Two Step Authentication is easy.

  1. Go to the sign-in page and enter your username and password like you normally do.
  2. Then you’ll be asked for a six-digit code, which you’ll get from your phone. If you want, when you enter your code, you can choose to trust your computer — this means you won’t be asked for a code again when you sign in from this computer. If you sign in from another computer, however, you’ll be asked for a code.
    unnamed

Set-up Two Step Authentication on your devices:

Use these links below for instructions on how to use one of the services mentioned by Mick Grove to backup your data and protect yourself from ransomware.


Setting up Two Step Authentication on an Android device:

Requirements

To use Google Authenticator on your Android device, it must be running Android version 2.1 or later.

Downloading the app

  1. Visit Google Play.
  2. Search for Google Authenticator.
  3. Download and install the application.

Setting up the app

  1. If you haven’t already, complete the SMS/Voice setup and enroll your account in 2-Step Verification using your phone number.
  2. On your computer, go to the 2-Step Verification settings page and click on Android.
  3. On your mobile device, open the Google Authenticator application.
  4. If this is the first time you have used Authenticator, select Begin setup. If you are adding a new account, choose Set up account from the app’s menu.
  5. To link your mobile device to your account:
    • Using QR code: Select Scan a barcode. If the Authenticator app cannot locate a barcode scanner app on your mobile device, you might be prompted to download and install one. If you want to install a barcode scanner app so you can complete the setup process, select Install, then go through the installation process. Once the app is installed, reopen Google Authenticator, then point your camera at the QR code on your computer screen.
    • Using secret key: Select Enter provided key, then enter the email address of your Google Account in the “Enter account name” box. Next, enter the secret key on your computer screen in the “Enter your key” box. Make sure you’ve chosen to make the key Time based, then select Add.
  6. To test that the application is working, enter the verification code on your mobile device into the box on your computer next to Code, then click “Verify.”
  7. If your code is correct, you will see a confirmation message. Click “Save” to continue the setup process. If your code is incorrect, try generating a new verification code on your mobile device, then entering it on your computer. If you’re still having trouble, you might want to verify that the time on your device is correct or read about common issues.

Setting up Two Step Authentication on an iOS (iPhone, iPad, or iPod Touch) device:

Requirements

To use Google Authenticator on your iPhone, iPod Touch, or iPad, you must have iOS 5.0 or later. In addition, in order to set up the app on your iPhone using a QR code, you must have a 3G model or later.

Downloading the app

  1. Visit the App Store.
  2. Search for Google Authenticator.
  3. Download and install the application.

Setting up the app

  1. If you haven’t already, complete the SMS/Voice setup and enroll your account in 2-Step Verification using your phone number. You can add the Google Authenticator app only after you’ve already enrolled using your phone number.
  2. On your computer, go to the 2-Step Verification settings page and click on iPhone.
  3. On your mobile device, open the Google Authenticator application.
  4. Tap the plus icon.
  5. Tap Time Based.
  6. To link your mobile device to your account:
    • Using Barcode: Tap “Scan Barcode” and then point your camera at the QR code on your computer screen.
    • Using Manual Entry: Tap “Manual Entry” and enter the email address of your Google Account. Then, enter the secret key on your computer screen into the box next to Key and tap “Done.”
  7. To test that the application is working, enter the verification code on your mobile device into the box on your computer next to Code, then click “Verify.” The clock icon on your mobile device will let you know how much time is left before the verification code expires and a new one is generated.
  8. If your code is correct, you will see a confirmation message. Click “Save” to confirm. If your code is incorrect, try generating a new verification code on your mobile device, then entering it on your computer. If you’re still having trouble, you might want to verify that the time on your device is correct or read about common issues.

two step authenticationInterview Full Transcript:

 Dan Carroll: What tactics could I be putting into place today at Dan’s Massages that would stop people from accessing my systems.

Mick Grove: Some of the best things you can do first and foremost is enable two step authentication, on your bank website, on your Gmail. Any online service you use, you want to use whats called two step. That is when you use a password to sign in like today, thats one step. The second step is like a text message, so you will add a phone number. This way when you sign in, after you enter your password, they send you a text message with a secret pin or code. You type that in and then you can login.

Dan Carroll: But isn’t that a hassle?

Mick Grove: It is a bit of a hassle, but not as much of a hassle as trying to recover from locking all your files.


For more information on data security be sure to follow our Risky Business series throughout the week. For more information on Gravity Payments, or credit card processing in general, click here to contact us. We reduce the costs and headaches of accepting credit card payments by providing simple, fair, and seamless solutions.

Start Now

 

Previous StoryNext Story