These days it’s imperative that your website’s design considers website security. To maximise security think about incorporating Two Factor Authentication into your design.
The days have gone when a strong password was enough to keep the bad guys out… Attackers have become more adept at discovering your username and password and unfortunately website hacking is on the rise.
So how can you protect your website? The answer lies in Google Authenticator. This provides a six digit, one-time password which users must provide in addition to their username and password to log into Google services or other sites, in this instance we’re talking about your own business website.
At Kate Coote. we have offered all our clients the option of upgrading their website security, and KateCoote. is one of the first website designers in New Zealand who offer Two Factor Authentication at log-in as part of this upgrade.
If you’re a client who has taken advantage of our software security we encourage you to adopt the Two Factor Authentication. You may have seen a third field during your website’s log in process; this third field is used to enter a six digit number generated from an app downloaded to your smartphone. The numbers change every 30 seconds.
Below we’ve summarised how to use this increased functionality. If you’re a Kate Coote. client and have any questions please contact us. If your website has been developed by another designer, consider this blog article a prompt to speak to them about your own website security.
Why does Two Factor authentication help?
Two Factor authentication uses any two different factors. The most common, and generally the simplest, is a combination of something you know (a password) and something you have (your mobile phone).
Two factor authentication should not take the place of a high quality, unique password; instead it should augment it. Two factor authentication is similar to having deposit box at a bank. You have a key, but you also need to show identification. You can’t get into the box without both.
How does it work?
In one word, easily.
Step One:
Download the free Google Authenticator app from iTunes or Google
Step Two:
Log in to your websites’ Dashboard and drill down to Users > Your Profile
Step Three:
Tick the Enable box below the Google Authenticator Settings and a number of new fields open up together with a large square barcode:
Step Three:
Now open up the app you downloaded in Step One and press the + at the top of the phones screen. Point the green square at the square code on your screen.
Once the phone and website have been paired the phone screen switches back to the app window and displays the present code, the website domain name, your username and a pie icon showing how long you have before the next code is generated:
Step Four:
Whilst the generated code remains blue paste the six digits (without any spaces) into the area below the barcode on your user profile page.
Step Five:
You will need to save the updated profile quickly before the code on your phone has changed
When you next log into your secure website, just enter your username and password together with the six digit code that will be generated when you open the Authenticator app on your phone.
Your phone and website are now locked down and no matter how hard a hacker tries, it is virtually impossible for them to log in to your website. Note: Two Factor Authentication does NOT circumvent the requirement to use robust passwords. Passwords like password, or pass123 are asking for trouble!