Fig. 14.1 shows how to activate TFA for Microsoft accounts.
There are two ways in which TFA can rear its head—a security code or an app password. If a user has enabled TFA, after logging-in with Microsoft account credentials (user name and password), you might be prompted to enter a security code or an app password. A security code is needed if a user is using a trusted PC to sign-in to Windows 8 with a Microsoft account. Microsoft will send an SMS that contains the pass code to the user’s mobile phone (Fig. 14.2). You must enter this pass code on the website or in Windows.
An app password is needed for those apps or devices that do not work with the security code system. For example, for Microsoft Outlook 2013 (Fig. 14.3), if you had previously configured Outlook for Hotmail or Outlook.com and then configured the underlying Microsoft account, the next time you use the application, you will be prompted to enter your credentials again. And you will need an app password because your normal password will not work.
You can get an app pass code in the security info section (https://account.live.com/proofs/Manage) on Microsoft account management website (https://account.live.com/) as shown in Fig. 14.4. Just click on Create A New App Password under App password. When you do that, you will be provided with an app password that you can type (or copy and paste) into the application.
Microsoft provides a mobile app called Authenticator that can generate these codes even where there is no network coverage (offline mode).
In the Authenticator app on a Windows phone, click on Add (+) App to add your account. Then, click Scan. The app will quickly scan the QR code, which is shown at step 3 in Fig. 14.5. Now, click Pair to complete the process. The app will generate a new pass code automatically after every 30 seconds. If you ever need to use a code to sign-in to your Microsoft account and the phone is offline, you can use this app to get the code.
Dropbox is a great source for storing data and sharing information across the Internet. An extra layer of security can be activated in Dropbox security settings, where a user has to register his or her mobile phone number to do so (Fig. 15).
Most of the popular mail websites, such as Yahoo! and Gmail, have already integrated TFA for accessing user accounts and their mailboxes. You can enable TFA in Yahoo! Mail by simply selecting Check This Box To Turn-On The Second Sign-In Verification as shown in Fig. 16. Once this is done, you can register your mobile phone number to get further pass codes from Yahoo! during the login process.
Amazon web services
If you use Amazon’s web services, such as Amazon S3 or Glacier storage, you can protect your accounts by enabling TFA via Google’s Authenticator app for Android, iOS, Windows Phone and BlackBerry (Fig. 17). This app can be downloaded on a mobile to access Amazon services securely.
If you are a blogger and do not want anyone getting unauthorised access to your account, the WordPress blogger website provides an extra layer of security. It also supports Google Authenticator app for Android, iOS, Windows Phone and BlackBerry. This feature can be activated in WordPress account settings as shown in Figs. 18.1 and 18.2.
In the concluding part of this article, next month, we will see how much does TFA cost, with an exhaustive list of the various tokens/services available
Hari Om Prakash is working as a scientist at Systems Engineering Group,
ADRIN, Department of Space