As you are possibly aware, as a business we are passionate about security; everything we do is about keeping your sites and email secure. We have a strict password management regime; however, we also insist that any business we deal with has 2-factor authentication (2FA).
All our systems have this facility, including the Birch Hosting client area, cPanel and the SSD Cloud packages. You can set 2FA on all the panels you use with us, but if you log in through the Birch client area, 2FA isn't needed when you open your hosting panel, because we use single sign-on (SSO): you only have to authenticate once, in the client area.
If you go directly to the control panel, you will have to use the 2FA for that hosting panel.
How does 2FA work?
2FA uses a number-based token that changes every 30 seconds, so every 30 seconds a new 6-digit number is created. When you log in to cPanel hosting, Cloud Hosting or the client area, you log in as normal, but you are then presented with a second screen that requires you to enter the 2FA number showing on your smartphone or smartwatch; then you're in.
The combination of the username, the password and the final 2FA code makes it secure. Even if somebody had your username and password, they would not have the 2FA code, so they couldn't get access.
How do I install 2FA on my phone?
There are a number of 2FA apps on the App Store and Google Play, including the original Google Authenticator. We have recently moved from Google Authenticator and started to use Authy; the reason for this is that Google Authenticator has no way of backing up the configuration. This means that if you change your phone, you have to go through the setup process again with the new phone.
This isn't as simple as it first seems, because you have to log in to each account and disable your old 2FA with your old phone, then set up with the new phone. You have possibly guessed already that this is fine provided that you have the phone, and you haven't lost it and it hasn't become faulty.
The other disadvantage in the past was that we would always have a backup device, in our case an iPad, with the same codes just in case. This meant that when we were setting up 2FA we had to scan the QR code with both devices on setup. What an absolute pain!
Authy is different, as you get free encrypted cloud storage where it's kept. When you want to add a new device, you enter the phone number that you registered with, and you can authenticate with another device already connected or by SMS. Once you have authenticated, you will see all the 2FA accounts on the new device. Before you can use the accounts, you have to enter the password that you created on setup to decrypt them. That's it: you are up and running on a new device, all using the same codes.
Authy currently has macOS, iOS, Android and Windows apps, and they can all be synced with each other.
Why so much talk about Authy?
Well, it's free and keeps you secure. It's rare that I get passionate about an app; however, this one has saved me so much time when I set up my new device that I had to share. I also know now that if I need to add another phone or PC, or even an Apple Watch, it's a couple of minutes' job. I also believe that most do not use 2FA for exactly the reasons above: losing your phone or adding a new device is so time-consuming.
How do I get started?
First, download the 2FA app of your choice. Then, in the client area, go to password and security to set up 2FA; in cPanel, go to the 2FA section; and in the cloud hosting, go to the "your account" section of the hosting panel.
Once you enable 2FA in any of the systems, you will be provided with a QR code, which allows you to add the account to your phone; the steps are self-explanatory.
So should you use 2FA? Without a doubt you should.
Of course, if you do get stuck, please don’t hesitate to get in touch.