Enhancing Security Online – Multi-factor or Two-Factor (2FA) Authentication

More Than Just a Free Newsletter

Become a Tame Your Practice member for FREE and receive our newsletter, special offers, and exclusive members-only content.

Enhancing Security Online – Multi-factor Authentication

Have you created an emergency client transition plan as required by your code of ethics? My new book, Private Practice Preparedness, with co-author Nancy Wheeler, will guide you through making such a plan and includes easy to use templates. Get 15% off the purchase price with the exclusive code found in the Tame Your Practice Members section.

You are likely aware of the reported 5 million Gmail passwords that were leaked on a Russian forum a few years ago, and the increasing number of such breaches since then. Even though Gmail has recently reported that less than 2% of those username/password combinations were current, this is another reminder that we can’t be too careful online.

In addition to using strong-passwords, and a password manager (I use LastPass), I strongly encourage everyone to use Multi-Factor Authentication (now, more commonly referred to as Two-Factor Authentication or 2FA) whenever possible. As it’s name indicates, multi-factor authentication requires the entry of at least two pieces of information in order to access secure data or accounts. It’s the digital equivalent of producing two forms of identification in order to obtain your driver’s license or passport. Even if someone else were to obtain your password(s), they would also require another piece of information or equipment in order to access any of your accounts.

Multi-factor authentication can be as complex as thumb prints and retinal scans, or as simple as a second password or randomly generated code. The most common forms are physical devices and secondary codes generated by a companion app. Physical devices include things like a YubiKey or thumb print reader. It’s also possible to turn any USB Drive into a secondary physical security factor. These devices will typically attach to your computer and provide an additional way to prove your identity. Companion apps, like Google Authenticator, install on your mobile phone and periodically generate a unique code. In addition to your password, this code would need to be entered for you to gain access. Without these physical devices or code generators, someone with your password cannot access your account(s)

Multi-factor authentication is especially important when utilizing a password manager, but can also be employed with individual accounts. This is strongly recommended when logging into services like Google and Apple that provide you access to multiple accounts with a single username/password combination. While multi-factor may take a bit of time to set up, and a brief moment of extra time when logging in, I strongly recommend it’s use for anyone wanting to protect sensitive personal or clinical data. The trade off is well worth it considering you will now how an extra security blanket.

Describe - Deck Two

The Most Versatile Conversation Starter gets even better!
Get 10% off with discount code: typblog

Support TYP News

 

Want to thank Rob for his hard work?

Have these resources provided valuable help?

 Related News

Similar articles you might be interested in!

About the Author

Rob has been covering technology and business news for mental health professionals since 2011. His extensive experience in IT, business, and private practice allow him to synthesize information in a friendly, digestible manner. He also enjoys time with his family, ultimate frisbee, and board gaming.

Rob Reinhardt

CEO, Tame Your Practice

More Than Just a Newsletter

Gain access to exclusive content, special offers, discounts on services, and the free Mini-Guide to Choosing an EHR. ALL FOR FREE

Share This