How to Avoid Being Hacked – Two-Factor Authentication

Multi-factor authentication (MFA) makes it much harder for a hacker to get access to your online stuff, and the most common form of consumer MFA is two-factor authentication (2FA). A very common form of 2FA is the debit card. One factor is the card itself, which contains magnetic identifying info (these days, a chip); the other is a PIN that you provide when you stick the thing in an ATM. It’s simple and fairly good at keeping others out of your ATM-accessible cash. 2FA is just as important for your online accounts, such as email and your iCloud accounts.

While I admit it can be a bit of a pain to have to do something additional to get into your account, it’s far less of a pain than having one’s identity stolen, losing access to your email, or answering to your friends who wonder why you have said such crazy things about them (unless, of course, you actually said those crazy things!). Or, heaven forfend, someone logging in as you on one of your gaming accounts.

Here’s how 2FA or two-step authentication works for a couple of different online account types. (Note, these services change things up from time to time, so it’s good to keep abreast of such changes.)

Setting up Google 2-Step verification

First you log in to your Gmail account with your username and password (we’ll get to choosing smart passwords in Part 3). There should be an avatar in a circle near the upper-left-hand corner of the window. Maybe it’s even a photo of you. Click on it and you’ll see “My Account.” (Incidentally, this changes every couple of years.) On the new window that opens up, click on “Sign-in & security.” Click on “2-Step Verification,” then on “Get Started.” Time to enter your username and password again. Enter a phone number and choose whether you want to receive a text or a phone call. Then you magically get a text or phone call with a 6-digit verification code. Type it in and select the option to turn on 2-step verification. It’s that easy. Okay, it’s several steps, but not that hard.

It may be that you prefer to collect your Gmail with some other app, like Outlook, rather than using a browser to go to the Gmail page for your mail. If so, it may be that once you’ve turned on two-step verification, your Outlook (or other app) keeps telling you that you have the wrong password, even though you know darn well it’s right. This has happened to me. You probably need to have Google give you a specific app password that Google will generate for you. You’ll need to go to the App passwords page, which at the time of this writing is here.

Select the app you want it for (if Outlook, then you would select “Mail”), then the device you are using (Google magically presents a list of the devices you use with their services). Then select “Generate.” It will show you a 16-digit number in a yellow bar for you to use as your new password for that app (Outlook, e.g.) on that device (don’t enter the spaces). You can save that password in your app, and you may need that number again in the future.

Yahoo!

Yahoo! is similar: sign into your account, go to the account security page, click on “two-step verification,” and toggle the button there to turn it on. Select an option to get a text or a phone call for verification. Enter the code that comes to you via text or phone call. At this point, you can create an app password, similar to the Google process above for your various apps like Outlook or Apple (iOS) Mail.

iCloud

Now, let’s set up 2FA on your iCloud account. First, you have to have a passcode set on your iPhone or iPad.

Click on the Settings app. If your device uses iOS 10.3.3, click on your name (or the name of the account you use to sign on), then on “Passwords & Security.” Did I mention that this will change as Apple keeps us on our toes by changing everything up once we’ve gotten comfortable with the previous version? In the most recent previous version, you would have clicked on Settings, and then on iCloud, then your name, then Password & Security. But I digress…

Now tap “Turn on two-factor authentication.” Be prepared to answer some security questions – which we’ll be discussing in a future article – and then enter the phone number where you want to receive the code for 2FA, and as previously, select whether you want a phone call or a text.

Macintosh

For a Mac, open System Preferences, select iCloud, and then “Account Details.” You might have to log in using your Apple credentials. As above, answer your security questions if it asks, then enter the phone number where you want to receive calls or texts for verification. Once again, a magical robot instantly sends you the code and you have to enter that into the field that awaits your answer.

Once it’s turned on, you’ll get a message asking for approval if an unknown device or location signs onto your account. Note that on a Mac, that notification can sometimes be on a window that is hidden behind another, so look for that if you find you’re having troubles with getting the approval request.

Speaking of troubles, it seems like a lot of work to have two-factor authentication, but once it’s set up, it’s not too much of a pain and will add considerable safety to your accounts, as well as considerable barriers to potential hackers. So do it!

Next time, we’ll discuss passwords, passcodes, and why you shouldn’t fill out those fun questionnaires that all of your friends send you.

Next, in part three: Choosing smart passwords and secret questions (aka, giving away the form).

The Value of EnCE Certification

The value of computer certifications in general is debatable. For many certifications it is possible to simply study a book, maybe purchase some Transcenders, take the exam and call yourself “certified.” I know several people who have brought “certified” individuals in for interviews and sat them down in front of the relevant operating system or piece of equipment only to find that this person has no idea how to log on or how to power on the equipment.

Guidance Software has nullified this concern with the EnCase Certified Examiner (EnCE) certification. While you could theoretically pass the written portion of the exam by studying a book such as The Official EnCase Certified Examiner Study Guide by Steve Bunting and William Wei, the practical portion of the exam requires at least a moderate amount of experience with computer forensic analysis.

Even for the experienced examiner there are portions of the exam that can prove challenging. In some cases the challenge is derived from the fact that the certification candidate has not performed a particular analysis technique before. In other instances the challenge is in bringing seldom-used analysis techniques to the forefront of one’s mind.

Regardless of how the certification candidate is challenged, one thing holds true: Guidance Software has built the EnCE exam to test and reinforce the tenets of computer forensic analysis.

I read a post in a computer forensics forum recently in which the poster was asking about computer forensics certifications. The post is several years old but still relevant and somewhat humorous. The individual was looking for information about the EnCE certification. He claimed to be looking for a certification that would help him increase his salary and enhance his ability “to get girls” and wondered whether the EnCE was his ticket.

In terms of the EnCE’s ability to help him increase his salary, I’d say it depends on the employer. Some employers value the commitment that it takes to obtain a certification and will reward the individual appropriately, whether by salary increase or perhaps a bonus. Other employers will view a certification as something that is just “nice to have” and let you go on your merry way.

In my opinion, certification (and the EnCE in particular) is a way to validate your skills. Computer forensics is a niche skill and while there may be a number of people out there who say they have used EnCase or “done forensics” before, there are not a tremendous number of people who have validated their skills by becoming certified. My advice to the previously mentioned prospective certification candidate is that the EnCE certification will make you stand out from the rest of the application pool being received by potential employers.

Sure, there is always that guy who has no education beyond high school and no technical certifications but is an absolute genius when it comes to things IT. Unless you know this guy and have worked with him, though, when it comes to the interview he’s just a guy who has some computer experience. If you go into the same interview with some experience and the EnCE, you win (in my opinion) because you have the experience and the certification to validate that experience.

I was married prior to obtaining the EnCE so I can’t really opine on whether or not said certification enhances one’s ability “to get girls.” If I were a betting man, which I am, I’d say no. A technical certification may have worked to his advantage in the mid-Nineties but these days most certifications are so dime-a-dozen that girls just aren’t impressed anymore.

Securely Wiping Computer Hard Drives Before Discarding

In the Linux operating system (which is free), the super user (root) has raw access to the disks in the machine and to the partitions on those disks. The general idea is to write random data, generated by the Linux operating system, to the hard disk.

The situation often arises where an individual needs to throw away an old computer, but does not want the data on the disk of the old computer to be accessible if someone retrieves it via dumpster diving. There might still be data stored in the motherboard or some of the peripherals, but that is beyond the scope of this article. Ideally, the disk platters should be physically destroyed, but due to hardware or cost constraints, this might not always be possible.

A free way to wipe the data on the disk involves using a bootable Linux disk to write random data to the disk multiple times. Here is the general procedure:

  1. Boot the machine off a Live Linux disk such as Knoppix, BackTrack or a Gentoo installation disk.
  2. Identify the dev node in /dev corresponding to the disk that is to be wiped.
  3. Use dd to read pseudo-random data from the kernel and write it to the disk.

1) Booting off a Live Linux Disk

Live Linux disks are CDs/DVDs that a compatible computer can be booted from rather than booting from the Operating System installed on a hard disk. Live Linux disks are useful when the user wants to use the computer without leaving any trace behind, or modify the hard disks in the computer without booting the Operating System installed on them. BackTrack Linux is one such Live distribution of Linux and can be downloaded free at http://www.backtrack-linux.org/.

2) Finding the Dev Node

One way to find the right dev node is to match the known capacity of the disk in bytes with that reported in /proc/partitions. There should be some indication of capacity on the sticker of the disk. If not, the model number found on the sticker of the disk can be searched online and the capacity can be found that way. In Linux, both the raw disks and the filesystems on those disks appear as dev nodes in /dev. Since the goal is to wipe the whole disk rather than just a partition, the disk’s dev node rather than the partition’s dev node must be used. The disk and the partitions listed in /proc/partitions can be differentiated by looking at the last character in the name. Usually, partitions end in a digit, while disks end in a letter. The dev node to use is the file in /dev with the same name as the desired line in /proc/partitions. For example, sda refers to the first disk, while sda1 refers to the first partition on the first disk. In the example below, the computer has only 1 hard disk, sda. The sda disk has 2 partitions, sda1 and sda2. In order to wipe the disk, the /dev/sda dev node will be used.
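The device-node lookup from step 2, with a dry run of step 3, as an added example (not the author's own commands, which are on the linked page). The sample table, the function names and the dd arguments are assumptions; the name check goes beyond the sda case in the text to cover NVMe and MMC names.

```shell
# Constructed sample in /proc/partitions format: one disk (sda), two partitions.
sample_partitions() {
cat <<'EOF'
major minor  #blocks  name

   8        0  488386584 sda
   8        1     512000 sda1
   8        2  487873536 sda2
EOF
}

# Succeeds if NAME looks like a whole disk. Extends the "ends in a letter" rule
# to nvme0n1/mmcblk0, whose partitions carry a pN suffix. Names such as loop0 or
# sr0 are not handled; on a live system /sys/block/NAME is the firmer check.
is_whole_disk() {
    case "$1" in
        nvme*p[0-9]*|mmcblk*p[0-9]*) return 1 ;;  # nvme0n1p1, mmcblk0p1
        nvme*|mmcblk*)               return 0 ;;  # nvme0n1, mmcblk0
        *[0-9])                      return 1 ;;  # sda1
        *)                           return 0 ;;  # sda
    esac
}

# Reads /proc/partitions text on stdin; prints "name bytes" per whole disk.
# The #blocks column counts 1 KiB blocks, so bytes = blocks * 1024.
list_disks() {
    while read -r _major _minor blocks name; do
        case "$blocks" in ''|*[!0-9]*) continue ;; esac  # header, blank line
        if is_whole_disk "$name"; then
            echo "$name $((blocks * 1024))"
        fi
    done
}

# find_disk BYTES: prints the dev node of the disk whose capacity is BYTES.
find_disk() {
    list_disks | while read -r name bytes; do
        if [ "$bytes" = "$1" ]; then echo "/dev/$name"; fi
    done
}

# Dry run of step 3 (assumed form): prints the command, never executes it.
wipe_command() { echo "dd if=/dev/urandom of=$1 bs=1M"; }

# Capacity as read from the drive's sticker (constructed value for the sample).
target=$(sample_partitions | find_disk 500107862016)
echo "disk to wipe: $target"
wipe_command "$target"
```

On the machine being wiped, feed the real table in with `list_disks < /proc/partitions` and confirm the node by hand before running the printed command.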

I go through the exact steps that one would type into the Linux command line here:

http://www.neilscomputerblog.blogspot.com/2012/10/securely-wiping-computer-hard-disks-for.html