You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > Guides > 2FA enrollment steps
2FA enrollment steps
print icon
Nick Giaffis
Oct 13, 2023
views icon 239

Today, Americans are living more and more of their lives on the internet. We shop, bank, socialize, work and play online. But as our digital lives become increasingly important, they are also exposed to greater risks. Hackers are lurking around every corner ready to steal our identities, drain our bank accounts, and lock us out of our computers. That’s why we need to take extra precautions to safeguard our digital world.

Two-factor authentication (2FA) is an increasingly important tool in the fight to stay safe online.

 

First, why again is it important?

Data breaches are the new normal. These breaches have in the past hit some of the world’s biggest retail chains (Target, Home Depot, TJX); hotels (Hyatt, Hilton); internet companies (Yahoo, eBay, LinkedIn) and many more. The result has been theft on a massive scale of the password/username combinations you use to access your accounts with these firms. With these credentials in hand, the bad guys can hijack those accounts — and any others you share the same passwords for — to drain your funds, locate more sensitive personal data, and buy goods and services in your name.

 

There are literally billions upon billions of breached log-ins circulating on the dark web. Last year, Yahoo alone admitted a breach of three billion user records. And in December 2017, a database of 1.4 billion stolen usernames and passwords — the biggest of its kind ever found — was discovered on a hidden site, all set up for hackers to use.

What does all of this mean? Practicing good password security is certainly still a good idea. But the steady stream of never-ending breaches will continue to put your log-ins at risk, and make managing the security of your online accounts a burden. Here’s where two-factor authentication can help.

We just had a test ran by the Sled Cyber Security team. They sent in fake Microsoft emails that tried to trick our users into putting in the username and password into a fake Microsoft website.  Out of the 1200 email accounts we had 43 people that were tricked into entering their credentials. This is better than the average but still more than we find acceptable. Two-factor authentication would stop hackers from being able to use these credentials against our email.

 

How does it work?

Two-factor authentication provides an extra layer of security for your account, making it harder for the bad guys to gain unauthorized access. With 2FA, knowing the username and password alone is not enough to get in — you also need a second “factor”: something you know (e.g., your mother’s maiden name); something you have (e.g., a code issued via SMS, or by an app or dongle); or something you are (e.g., you fingerprint) that a hacker doesn’t (or isn’t). We focus here on the second kind — a code which constantly changes or expires after use. It can be delivered to you by text message or a secure application on your device/computer, making it virtually impossible for the hacker to get hold of.

 

What we are proposing is a two-factor app for your cell phone.

 

How do I set it up?

Microsoft Authenticator is one of the most widely used 2FA apps on the market, thanks to the popularity of Microsoft services such as email and Calendar. This free app for Android and iOS can secure not just your Microsoft account but many other non-Microsoft accounts such as Dropbox, Twitter and Facebook. To set it up, have a computer and your City cellphone on you and follow these easy steps:

•Open up https://aka.ms/MFASetup on your computer

Log in using your work email address and your computer password

•It will tell you that it needs more information.  Hit Next

•It will ask you how they should contact you.  Mobile app should be selected by default, but select it if it is not; hit Receive notifications for verification, and then Set up

•At this point, you will be provided with a QR code

•On your cellphone, download the Microsoft Authenticator app from the App Store

•Open the app and tap the + button in the upper right corner of the screen

•Sign in with a QR code

•It may ask to have access to your camera; if so, allow that access

•Scan the QR code on your computer with your phone

•It will ask to allow notifications; do so

•You will now see an account added to your app with your email address

•On your computer, hit Next

•It will send a notification to your phone to allow authentication; on your phone, hit Approve

•On your computer, hit Next, then Done to complete the setup

 

What if I lose my mobile phone?

If you lose the device with the authentication app, your accounts could be compromised if you don’t act quickly. Should this happen, let someone in MIS know so they can revoke your 2FA token.  They will then reset your account with you so you can reconfigure your 2FA token on a new device.

Feedback
2 out of 2 found this helpful

Tags

close button
scroll to top icon