We have great news! 2FA (i.e. Two-Factor Authentication) is now available at Shellter Labs and you can make your account more secure by enabling it.
Someone may ask: But what is 2FA and what is this for?
Don’t worry! We will tell you in a bit…
2FA in a nutshell
As mentioned before, 2FA stands for Two-Factor Authentication. This solution provides an extra layer of security to your account by requiring an extra step during your authentication process. In other words, after you submit your username and password, you will be asked for an unique dynamic and random code.
So, even if someone knows your password, this person would still need the second code to authenticate in your account.
Ok, but what is this code and how do I get it?
You can view this code on a trusted device of yours or you can use a Yubikey (https://www.yubico.com/start/) if you have it.
It is important to notice that not always the second factor means it is a code or a Yubikey.
So, tell me more about authentication factors…
In security, we usually say that we have three categories of authentication, also known as authentication factors, which are:
- Something you know: This is the most common form of authentication. It is asked the user something that he/she knows, like a password or a secret.
- Something you have: This factor uses something the user has, like a smartphone or a security token.
- Something you are: This one is related to your personal attributes in a biological and physical way, and uses biometrics such as your fingerprint, voice or face.
As you can imagine… Two-Factor Authentication uses two of these categories. 🙂
And now you know why 2FA dramatically improves the security of your account.
Great! How can I setup Two-Factor Authentication on my Shellter account?
- First, go to your Account / Settings, then choose tab “Enable two-factor authentication”
- Select which authentication method you would like to use
- If you chose the ‘Token Generator’, you will need to have an app like Google Authenticator installed in your smartphone. Open the app, and point your camera to the qr-code shown in the screen (like the one below). Then enter with the token generated by app and click ‘Next’.
- Now you have a safe login with 2FA 😀
After you finish activating the 2FA in your account, be sure to save your backup codes. Backup codes can be used when your smartphone is not available. So, in case you phone run out of battery, or you lose it, we can still log into Shellter.
Good hacking, and be safe!