Month: May 2021

What is two-factor authentication, and how does it work?

two-factor authentication

One of the most basic security methods is the creation of strong passwords. The problem is after time, we all need to create not one password but plenty of them. For the personal and job e-mail, banking, taxation, social networks, video streaming service, shopping, etc.

This is bait for hackers. By cracking passwords, they can access all possible sensitive data from people. Besides, many people use the same password for different accounts, they don’t change them regularly, and they use really predictable information. This makes the job really easy for the shady guys.

What is two-factor authentication?

Two-factor authentication (2FA) is an authentication method in which users must prove their identities through two different ways to access their accounts. If they don’t provide the correct two factors, access will be denied.

2FA strengthens security by adding a layer of protection. It stops unauthorized people from accessing your sensitive information. Even if they get your user and password, they won’t access directly to your account. An extra factor still is needed.

How does the two-factor authentication (2FA) work? 

2FA adds a step to the regular log-in process. Besides, enter regular credentials (user and password), the users’ fingerprint can be required, or a code that the user will receive via mobile. That involves a separated device from the one you are trying to access, either a scanner or a mobile phone, meaning fewer risks. Regularly such codes are built with at least six numbers. The fewer numbers a code has, the easier it is for hackers to try combinations until they get the right one. This code is generated every time a user attempts to log in (user and password). It is called a verification code, passcode, or authenticator. That way, the identity will be double-checked to prevent hackers.

Without the second factor/step, logging in won’t be possible.

2FA uses several factors. The most common categories are the following.

  • Biological factors. It includes biological aspects like humans’ voices, eye retina, or fingerprints. 
  • Possession factors. A piece of information that can be physically possessed. A USB drive or a plastic card you have to insert on a specific spot to access. 
  • Software factors. Proves of identity supplied by software (applications, cryptographic key, etc.).
  • Knowledge factors. Specific, confidential information to access an account. A particular keystroke, the answer to a question, a code sent to your mobile, etc. 

Types of two-factor authentication (2FA)

There are different technologies available on the market. As you will see, the different factors can be combined to offer you stronger security.

  • Location authentication. Some accounts can require a second step to check the user’s location. When the user logs in with regular credentials (step one), this action triggers the verification of the location based on IP address or GPS coordinates. If your business has permanent regions, countries, or areas of operation, this can be a choice for you.  
  • Biometrics. This technology has become very popular, and it already offers a wide menu of choices. To prove your identity, you have to pass a recognition test. From fingerprint, hand geometry, voice, iris, retina, or face recognition, to gait (walking style), typing style, odour, and much more. 
  • Audio messages or SMS. Codes can be sent to users via SMS or voice message. 
  • Software tokens. They are applications that users install to generate and/or receive the necessary code they need as a second factor for accessing an account.
  • Hardware tokens. These are physical tokens that generate codes or the extra piece of information necessary for users to have access. 

Conclusion

Don’t take security for granted! To crack simple credentials is a piece of cake for hackers. Protect your online accounts and sensitive data with two-factor authentication (2FA).

{ Add a Comment }

Web hosting – explained for beginners

Web hosting

The process of creating a website, if you are passionate about your idea, is really exciting. Sometimes, as beginners, we think about important aspects like the design, content, a very attractive name, but we don’t consider the technical side.

One of the first needs that you will face is web hosting. Where on the Internet will your website live? Where are you going to store all its content and tech resources?

What is web hosting? 

It is the action of allocating space on a server to save all files (images, videos, text, code, etc.) belonging to a website. This action is a service provided by many different hosting companies. Web hosting is a must for your website (all the files that integrated it) to be accessed online. 

Think about it like the online space where your website will live. When you look for a web hosting provider, it’s like searching for an online home to rent. 

Types of web hosting

Servers are computers equipped with the necessary tech and connectivity to make your website available for the whole world or for a specific zone, whatever your goal is.

Thinking that a server will be your business home, you can get livable or a sophisticated, more or less independent and equipped home. Besides, there is a vast menu of plans and fees (even free choices) to cover all kinds of businesses’ needs. These are the main types of web hosting.

Shared hosting. It’s a cost-effective solution for beginners, small businesses, and even medium ones. You will have all the necessary tech features for your website to be online. What you need to consider is that many more websites will be hosted on the same server. And all of them will share the resources. If a “neighbor” has a special sale, it can suddenly get big loads of traffic. To manage such traffic will take more resources (bandwidth, processor power, RAM…). As a result, your website can be very sluggish. Put it bluntly, what happens to others, can negatively influence your site’s performance. 

Virtual Private Server (VPS). Again, your website will be hosted on the same server, next to many more “neighbors”. But there’s a big difference. Resources are not shared. Even living on the same server, every website has totally separated resources. No matter the e-shop next to you has a special sale, this won’t affect your site’s performance. It’s pretty affordable because to have many guests on the server means they all contribute to paying for the technology and maintenance of the server.

Dedicated server. This is a premium service. You can rent your own server for hosting only your website. No more sharing, bye “neighbors”. Absolutely all the resources and space will be for you to enjoy them. The price goes up considerably, but many big businesses for sure can afford this choice. If you have massive traffic and you look for total control of the server’s software, security systems, etc., this is for you. 

Cloud hosting. Traditional web hosting offers you to host the website through tech solutions installed on a server. Cloud hosting works through a network composed of multiple servers to host you. Scalability and flexibility are highlights of its infrastructure. 

Conclusion

If you are wondering which alternative to choose, the answer is, depending on what your website really needs and your budget. It’s easy to get dizzy while checking innovative and premium features, but why buy a private jet for a local trip around your city?

{ Add a Comment }

How does Traceroute command work?

Traceroute command

By the name of this command, you already know what it does, but let’s go a bit deeper and see precisely how the Traceroute command works. When you learn how to use the Traceroute command, you will see how useful it is and how often you will need it in your daily network’s tasks.

What is the Traceroute command?

Traceroute is one of the built-in commands inside your OS (Linux, macOS, and even on Windows as a tracert command) that serves for network diagnostic and, more specifically, for tracing the route from a point to a target.

You can access it through the Terminal application and use it to target a hostname or an IP address. The query will give you information about each of the elements on the network, starting with the first hop, all the way to the target. You will get useful statistics. The results will show you how exactly a query travels. The information can help you understand the route better, see if there is some strange routing going on, and plan your future network expansion for better and faster query answering.

How does it work?

There are many routers spread all around the world that help us resolve domain names and other web services.

Traceroute command will show the exact path the packets of data takes to their target. When we trace the route from our computer, we will need to open the Terminal and type “traceroute + IP address” or “traceroute + hostname”. 

If we use Wikipedia, we can do it like this: 

traceroute wikipedia.org, or traceroute 91.198.174.192

The typical Traceroute command will send 3 packets of data, so you will get 3 columns of answers. 

Each time a packet reaches a router (hop), it will report back to us with the hostname, the IP address, and the response time. 

You will see each hop in a different line. The total number of lines you can see in the first column of the result and shows the total number of hops. 

You can see the data each hop returns and see if there is a problem. A particular hop could be taking a too long time to respond, so you can increase the waiting time. Another problem that could occur is that the packet might get lost, but thanks to the traceroute command, you will know where exactly they get lost. This will be the problematic point that you can focus on and fix it. 

It works differently from the ping command because the Traceroute not only sends packets to the target but also pings each router on the way to the target and measures the route trip time for each of the routers.

The data packets have TTL values that show how far they can go. By default, it is set to 30, but you can set it to more or less. The value exists, so no packets are traveling forever on the Internet.

Traceroute command options

Here you have a few important options that you can try with the Traceroute command for more specific queries: 

traceroute -m 35 wikipedia.org 

In this case, we increased the TTL to 35, so if we are further away from our target, we will have 5 more hops to reach it than the default 30. 

traceroute -w 60 wikipedia.org

You can also increase the time to wait, not just the number of hops. That way, you can wait longer for a response but actually get one. 

traceroute -q 8 wikipedia.org

Here we are increasing the number of packets to 8, from the default 3. We can have a better view of the network with more packets sent. 

traceroute -T wikipedia.org

With the Traceroute command, you can change the interface for your query. In this case, we use T for TCP, but you can use -I for ICMP or -I for IP. 

{ Add a Comment }

Introduction to the Domain Name System (DNS)

Domain Name System - DNS

Running an offline business successfully doesn’t mean it will directly succeed online. The Internet is a different realm. It’s vital to understand its rules, methods, and its DNS. It’s complex but key for your online strategy to be more effective. 

What is DNS? 

Domain Name System (DNS) is the infrastructure that makes the Internet experience for humans as simple as it is nowadays. Its functionality is vast, but to start, it has in its core the database with the existent domain names and their corresponding IP addresses.

[Continue reading…]

{ Add a Comment }