Are you still creating user accounts everywhere? Maybe you should stop and sign in with your Google, Facebook, or Apple account instead. It might just be more secure—and it’s definitely more secure if you’re not currently using a password manager.
One Strong Password With No Password Reuse
If you’re creating user accounts for each service you use, there’s a good chance you’re reusing passwords or using simpler passwords that are easy to remember. Then, when a website is breached and leaks your password, an attacker could use those email and password combinations to get access to your accounts. DoorDash losing 5 million logins was just the most recent example, but such breaches happen frequently.
That’s why we recommend using a password manager: You can create strong, unique passwords for each service you use and store them in your password manager’s secure vault. But, unfortunately, most people don’t use password managers.
If you sign in with Google, Facebook, or Apple, you can create a strong, unique password and remember it. You just have to remember that one password for your main account. It’s kind of like using a password manager, but it’s a little easier for the average person to get started with.
There’s another significant advantage to signing in with Google, Facebook, or Apple, too: Two-factory security.
Physical Security Keys and Other Two-Factor Tricks
You have many more options for locking down your Google, Facebook, and Apple accounts. For example, you can require a YubiKey or a Google Titan Security Key when signing into your Google or Facebook account. Other options like a code-generator app, app-based authentication, and SMS-based authentication are also available.
If you sign into other services with a Google or Facebook account, your two-factor authentication method is effectively securing that other account, too. Other services don’t generally have such a wide variety of two-factor options and support for hardware security keys—in fact, they may not offer two-factor authentication options at all.
Apple doesn’t offer support for physical security keys like this. But, when you use Sign in With Apple and sign in on another device, you’ll be prompted to enter a verification code sent to your trusted Apple device or phone number. Your Apple account and its two-factor authentication becomes the security key to your other accounts.
What About Privacy?
You might be concerned about this because of privacy. Do you really want Facebook or Google knowing about every other site you have an account with? And do you really want every app you’re using seeing all your Facebook information?
Read the remaining 9 paragraphs
from How-To Geek https://ift.tt/2mfLk4Z
No comments:
Post a Comment