Traditional password authentication is also called single-factor or weak because, given certain resources, intercepting or guessing the password is a matter of time. The human factor plays not the least role in this - the more hack-resistant the password is, the more difficult it is for a person to remember it and the higher the probability that it will be additionally written down, which will increase the probability of its interception or theft. Conversely, passwords that are easy to remember (for example, frequently used words or phrases, dates of birth, names of loved ones, names of monitors or nearby equipment) are very poor in terms of resistance to hacking.
Today, the following approaches to user identification and authentication are used:
- password - uses unique knowledge (for example, login-password);
- hardware (or electronic) – uses a unique item (proximity cards, smart cards, magnetic cards, tokens, etc.);
- biometric - uses unique characteristics of a person (fingerprints, retina, voice, handwriting, etc.).
Popular online services such as Google, Facebook, Twitter, LinkedIn, Apple, and Microsoft use two-factor authentication to provide an extra layer of security when logging into accounts. In addition to a username and password, or a personal identification number (PIN) or pattern, two-factor authentication requires an additional security token.
Even if two-factor authentication is used, hackers can gain access to your online accounts through attacks such as phishing, malware, and social engineering.
If you want to maintain your privacy on social media, share as little information as possible. You should not share information such as your date of birth, email address or phone number on your profile. People who need to know your personal information probably already have it. Don't fill out your social media profiles completely, only provide the minimum necessary information. Also, check your social media settings, allowing only people you know to see your activity and write to you.
The more personal information you share online, the easier it is for criminals to compile a dossier on you and use it against you in real life.
Have you ever forgotten your username and password for an online account? Secret questions like "What is your mother's maiden name?" or "In what city were you born?" will help further protect your account from hacking. However, anyone who wants to access your accounts can find the answers to these questions online. You can set false information as the answer to these questions, if you yourself are able to remember these false answers. If you have trouble remembering this information, you should use a password manager.
Every day, millions of email messages are used to communicate with friends and conduct business. E-mail is a convenient way to communicate quickly. When you send an email, it's like sending a postcard. The message on the postcard during transport is visible to anyone who has access to it. An email message is also transmitted unencrypted and can be read by anyone who has access to it. Also, these messages are transferred between different servers until they reach their destination. Even when you delete your email messages, they may be stored on email servers for a while.
Anyone with physical access to your computer or router can see what websites you've visited using your web browser history, cache, and possibly log files. This problem can be minimized by enabling private (incognito) browsing mode in your web browser.
When private mode is enabled, cookies are not stored, temporary internet files and web browser history are deleted when the window or application is closed.
Protecting your browsing history can prevent information about your online activities from being collected. This allows you to avoid targeted advertising to encourage you to make purchases. Even in Private Browsing mode with cookies disabled, companies are developing various ways to monitor user activity in order to collect information and track their behavior. For example, intermediate devices such as routers may have information about a user's web surfing history.
Ultimately, you are responsible for protecting your data, computer devices, and ensuring that no one impersonates you. When you send an email, should you include your medical records? The next time you surf the web, will your data be transmitted securely? A few simple safety precautions can save you from problems in the future.
Each of the authentication options has its own advantages and disadvantages, due to which some technologies are suitable for use in some systems, while others are suitable for others. There is no strictly unambiguous solution, so users have to choose independently which method of identification to implement in their own information computer systems.
However, it should be taken into account that using simple, short passwords, using one password for many systems, leaving a written password near the computer makes it much easier for an attacker to access your data.
