We’ve said it once, we’ve said it twice, we’ve said it one hundred times.
Hardening the security of your accounts with two-factor authentication (2FA) can dramatically reduce their chances of being hacked.
If you think that it’s enough to protect an online account with just a username and password then you’re missing the fact that:
Even if you aren’t making any of those mistakes then your password could be stolen by a hacker through phishing or keylogging malware.
Two-factor authentication, however, provides an additional safety net – even if your password falls into the hands of cybercriminals. That’s because 2FA turns logging in from being a single step operation (enter your username and password) to a two-step process (enter your username and password, and now enter a one-time code generated by an app such as Google Authenticator on your smartphone or other device.)
Malicious hackers might have managed to grab your password, but unless they have physical access to the device you use to generate your 2FA code they’re going to find it a lot more difficult to access your account.
So I’m delighted to read that Zoom has now made two-factor authentication available to all users of its video-conferencing plaform.
With the featured enabled users won’t be able to sign in to the Zoom web portal, desktop client, mobile app, or Zoom Room without their code.
With many staff currently working remotely due to the COVID-19 pandemic, it’s pleasing to see that Zoom has provided the ability administrators to protect their users by setting a 2FA policy for all users, users with specific roles, or users in specific groups.
Of course, individual users can also enable 2FA as well. Simply log into your Zoom Dashboard, choose Profile, scroll down to “Two-factor Authentication” option, click “Turn on” and follow the instructions.
Users can choose whether to use 2FA via an app that supports the TOTP (Time-based one-time password) protocol or have Zoom send a code via SMS or phone call. For a higher level of security, I recommend the app-based 2FA option.