The Final Say on Multi-Factor Authentication

by Chris Bonatti, IECA of Casper, WY

About Twitter

Securing your Twitter account with 2FA is a relatively simple matter.

  1. After logging into your account, click on Account settings | Security | Two-factor authentication.

2. Twitter supports 2FA via text message (which we do not recommend), an authentication app, or a FIDO2 key. You must select the appropriate method, and train Twitter to recognize your authentication app or key.

3. You can use any TOTP-based authentication app such as Google Authenticator, Authy, Duo Mobile, 1Password, etc.

4. For security keys you can use any device that supports the FIDO2 standard, such as Google’s Titan key, or the popular YubiKey devices.

5. You must also use a FIDO2- compliant web browser.

Many other online services offer similar provisions.

We are fond of saying that 2FA and MFA are among the most oversold technologies on earth, because people mistakenly assume that their use of additional MFA factors makes them unhackable. No technology can deliver that!

Some MFA technologies are more resistant to particular types of hacking, though generally the less susceptible it is to hacking, the harder it is to use successfully.

Why didn’t the President enable MFA?

Like many security technologies, MFA often presents a trade-off between usability and security. (Note by CyberWyoming: Maybe it was the inconvenience factor?)

If you have the choice of 2FA or MFA to secure an account or service, we recommend you adopt a stronger stance than President Trump, or other high-profile figures, and employ readily available 2FA or MFA technologies to authenticate more securely.


Register to Receive the Tech Joke of the Week!

This Week's Joke:

How many programmers does it take to change a light bulb?

None, it is a hardware problem!

More Posts: