The discussions around the use of cloud computing continues, as it should, but “the cloud” continues continue grow in popularity and acceptance for a variety of reasons. I’ve discussed in some previous posts the precautions I take with the cloud computing services I utilize on a regular basis but, a part of our legal and ethical practice as NCSP School Psychologists is to continue evaluating ethical uses and practices. Two factor authentication is another step I’ve taken as a part of my daily work.
Not familiar with two factor authentication?
The video below does a good job explaining two factor authentication. Here is my brief explanation. Entering a password is one way of verifying who you are because hopefully you’re the only one who knows the password but two factor authentication adds another way to authenticate that you are who you say you are.
So why would you want two factor authentication?
A strong password is the first step to protecting information but two factor authentication is similar to a second, completely random password. This completely random password improves your protection of information. Who doesn’t want more security?
My Uses of Two Factor Authentication
I currently use two factor authentication with both Dropbox and Evernote. This means when I log-in to either dropbox or evernote, via their website, I first log-in with my username and password but then the service prompts me to enter in the code displayed in my Authenticator app.
Then I use my Google Authenticator App to get the code that I enter in the log-in. The authenticator number only displays for 30 to 60 seconds before another one displays. Below is a screenshot of my authenticator app displaying the code for evernote and dropbox for whichever service I’m logging in to.
So some way, I never promised to have all the technical background and know how, Evernote knows what number is being displayed and so when I enter it Evernote knows I am who I say I am! Voila!
I should draw your attention to the fact that two factor authentication is when you used the web-based service. If you have Dropbox or Evernote installed on your computer then you only use two part authentication when you log-in, which for me is not every time (depends on your settings). So for me, because I don’t have Evernote or Dropbox installed directly on work computers I access the information by logging in to the website and this is when I’m prompted first for my password and then for my authentication code.
Couple Words of Caution
During the two part authentication set-up process for whichever service(s) you choose to use it with, the service will provide you with an EMERGENCY backup code in case you lose you authenticator app. KEEP THIS SAFE! If you lose your authenticator app and don’t have this code you won’t be able to get back in to your account. Period. Can I stress any more how important this is to keep this safe!
Ready? Set. Go!
Evernote and Dropbox both have great information and directions for how to set-up two factor authentication. Check it out and send me any questions you might have that come up. I’ll do my best to answer your questions and help out.
Google Two Step Verification – If you’re wondering why I didn’t discuss Google Two Step Verification its because I don’t currently use it. Since my district isn’t a Google Apps District currently I rarely have any information that I need to keep that secure so I don’t have two step verification enabled. I’ve started reading about it though because the word on the street is that our district will be moving that way in the near future.