Lets face it. Despite the tall proclamations of safety and security offered by companies for our online accounts, no account is safe. That holds good even for our good ol' trustworthy password managers as evidenced by what happened to LastPass a few days ago. it appears that despite the best security measures, our online accounts are sitting ducks waiting for a predator to take a bite at us at any unsuspecting moment.
Sometimes an account is compromised but no data is stolen. But it is now certain that we can never be too sure of the fact. So what can we do in the light of these hacks and security compromises? In my opinion, it is best to go in for the not so convenient but safer two factor authentication.
Two factor authentication offers an additional level of security because it not only makes use of your password, but also lets you input a code that is available only to you on your smartphone. This code is usually generated on an authenticator app that generates the codes. If you are using an Android handset or an iPhone, you can make use of the Google Authenticator app. If you have a Windows Phone, you can make use of the Microsoft Authenticator app for the purpose.
How to Protect Your LastPass Account Using Two Factor Authentication
If you haven’t secured your LastPass account with two factor authentication, its time you did. Just follow the steps outlined below to configure it.
1. Sign in to your LastPass account on the browser.
2. Click the LastPass browser icon. Select Tools->My LastPass Vault.
3. In the LastPass Vault page, from the left pane, select Account Settings.
4. In the Account Settings page, select the Multifactor Options tab.
5. In the Google Authenticator row, click the pencil icon to enable the app.
6. In the Google Authenticator dialog box, from the Enabled drop-down menu, select Yes.
7. Then, click the View link in the Barcode section to display the barcode.
7. You will then be asked to enter your LastPass account password.
8. Next, on your smartphone, open up the Google Authenticator app, tap Begin setup->Scan a barcode on your phone and scan the code you see on the screen. If you don’t have a barcode scanner on your phone, you will be given a link to install one.
9. On your mobile phone, you will be asked to save the LastPass key.
10. in the next screen, on your phone, click Open link.
11. You are now set to receive codes for LastPass. You will receive a code with a time ticker showing you the time within which you must use the passcode.
12. On the web browser, close the bar code and click Update in the Google Authenticator dialog box.
13. You will be required to enter your LastPass password again.
14. In the next screen, enter the code you see on your mobile.
15. Your settings will be successfully updated. Click Ok to close the window.
The Account Settings window will indicate that Google Authenticator app is enabled. You can close this window as well.
The next time you sign in to your account, you must provide your master password as well as the Authenticator-generated security code.
You can set LastPass not to prompt you for the security code on your PC, but that would defeat the purpose of two factor authentication if you do that, so its best not do do it.
Also run through the LastPass Security Challenge to weed out duplicate passwords or weak passwords and strengthen your passwords.
As we spend more and more time connecting with various services online, it is becoming ever more important to stay secure. And for now at least, it looks like two factor authentication is the best way forward. So be sure to sign up for this service for all your accounts, where available.