J. Gavin Ray
  • Home
  • Tag
  • Author
Sign in Subscribe
Account Management

Web Browsing and Account Management - Part 2

  • J. Gavin Ray

J. Gavin Ray

Apr 5, 2020 • 2 min read

Introduction

This is the third and final article in the in a series that presents an opinionated and hopefully simple way to protect your online accounts. To see the motivation as to why I'm writing this article, please see the first article in this series.

Recap
In the previous article we setup Google Chrome with some extensions, one to ensure that you're traffic on the internet is encrypted, and we setup the password manager LastPass.  So you may be thinking something along the lines of: "You've already had me install something to manage my passwords, and there is no way I could remember let alone type one of those passwords.  Why do I need this as well?".

That is a good question and a fair one, we've added these extensions specifically to make life easier - so you don't have to remember to look on your web browser to see if it has a little green lock.  We also have removed the need for you to think of and create passwords that are hard for you and a computer to remember.  

The ATM Machine Example
This last piece can be likened to using ATM machine, when you use an ATM you go through three steps:

  1. You identify you are in the right place.  When you go to an ATM you can typically find them at a familiar place like the bank itself, a grocery story, etc.
  2. You pull out your debit or ATM card and insert it into the machine.
  3. You enter your pin number into the ATM machine to get access to your account.

So with the work in the previous article we have completed the first and third steps.  
You can have a certain level of confidence knowing that you are in right place because it is familiar, for example a bank like Chase Bank or https://www.chase.com/.  Also by using HTTPS Everywhere, you can have a measure of confidence that whatever you send to that website is encrypted and can't be read by anyone else.

The third part of this is the pin number that we use to access your account.  This pin number or password is now being generated and managed by LastPass.  Also if you ever happen to find yourself in a site that is clamming to be something that it is not.   LastPass will not automatically attempt to fill in your login information for that particular site.

The last past thats missing in this case is the ATM card.  Which is a great segue into the Multi-factor authentication.

Multi-factor authentication

Multi-factor authentication and is used a way to verify you are who you claim do be by using something you know (password) and something you have (like an ATM card).  For this section we will be using our cell phone as the something we have.  For this particular part we will be using a software called Authy.  Authy is a free software that creates a second check to verify that you have a physical item (again think ATM card) that is allowed to access your account.  As of the time of this writing, Authy can be used to provide this second check for email accounts, banks, social media accounts and many more.

Step number one though is to download the software from https://authy.com/download/.  So while I said above we are going to use our cell phone, the reality is that Authy can be run in your web browser (or Chromebook), on your Windows machine, or on a Mac.  But to keep things simple and opinionated please use the Android or iPhone option.

Step number two is to add an account to Authy.  Let's use our new LastPass account!

Sign up for more like this.

Enter your email
Subscribe
Use your own hardware or use other people's computers?

Use your own hardware or use other people's computers?

A colleague of mine approached me recently and asked me why anyone would own their own hardware in 2023.  Specifically because the cloud is "limitless" (pro tip it's not :) ), and cheaper.  Owning servers and using cloud computing are two popular options for businesses to store, manage, and process their data.
Feb 8, 2023 5 min read
Lessons Learned in Decade 0

Lessons Learned in Decade 0

The year 2022 was the year I completed my first decade in the tech industry.  The day I realized that not only had I made a decade in industry but I still enjoyed it immensely was a special one for me.  I am not a classically trained engineer, I don't
Jan 25, 2023 5 min read
Why did I join Machinify?

Why did I join Machinify?

When I started to look for my next career challenge in September of 2021, I was talking to recruiters at Google, Meta, and other fortune 100 companies, and had landed a couple of compelling offers. I ultimately decided to join Machinify. Why choose a startup I've never heard of before?
Mar 20, 2022 3 min read
J. Gavin Ray © 2023
  • Data & privacy
  • Contact
  • Contribute →
Powered by Ghost