Improve your security with 2FA

Online Control Panel, Security, Tips & Tricks

Improve your security with 2FA

In today’s world, online security is absolutely paramount.

Your home or business premises is probably protected by several different physical security measures, such as door locks, motion sensors or a burglar alarm. In that respect, so too should your online assets be protected by various different methods. A thief who steals your front door key will often have another intrusion defence to deal with before they can gain access, so a hacker who obtains your online password should similarly also be confronted with a second line of defence.

This is exactly the situation that Two-Factor Authentication (2FA) is designed for.

What is 2FA?

2FA adds an extra layer of security to your Register365 account, by requiring you to enter a randomly generated code before you can gain access to your Online Control Panel. This is to safeguard against the possibility of a criminal obtaining your password and using it to log in; without that 2FA code as well, they’ll be unable to gain access.

What do I need to enable 2FA?

  • Smartphone or Tablet: The 2FA code can be generated by means of an app. There are many available, so which one to use is all down to your personal preference. One popular example is the “Google Authenticator” app, available in both the Apple and Google app stores.
  • Desktop or Laptop: You could use either a website or a browser plugin to generate the code. The “Authy Authenticator” is one possibility, and is available as both a website or a browser plugin. There are others available though, so we recommend trying a few to find the one you prefer the most.

How do I activate 2FA?

This second layer of protection can be activated within the Security Settings section of your Online Control Panel. Here you will find a tutorial that walks you through the process:

https://www.register365.com/support/articles/enabling-two-factor-authentication-for-the-control-panel/

What other steps can I take to protect my account?

Change your password regularly: Keeping the same password for months (or even years!) at a time is extremely risky. We recommend changing your account password several times a year, and whenever you have reason to believe it may have been compromised.

For convenience, our Online Control Panel will display the last date/time that your password was changed. This guide explains how to change your account password:

https://www.register365.com/support/articles/updating-your-account-details/

Use a unique password: We recommend not to use the same password for multiple websites/services. The password you choose for your Register365 Online Control Panel (or indeed any other website) should be unique, and not used anywhere else. That way, if any account you have elsewhere is hacked, the perpetrator will not be able to use that same password to try and gain access to other services you may have.

Use a strong password: Your password should contain a mix of letters, numbers and symbols. It also shouldn’t be based on a dictionary word, and should be reasonably lengthy. All of these measures will make it much harder both for hackers to guess the password, and also for automated bots that repeatedly try various combinations; the longer the password is, the longer it will take them to crack it.

When updating your password in the Online Control Panel, you will see a strength indicator that gives an idea of how secure your new password is. You will not be able to set a new password unless it meets our requirements.

Use a Password Manager: You probably have a number of online accounts with various websites. Trying to remember all of those different passwords can be difficult, so we recommend installing a password manager browser plugin. This will provide you with an online vault for storing all of your passwords, which will itself be protected by a master password and 2FA. There are many available for you to choose from, but a popular one is known as “1Password”.

Be alert for phishing emails: A phishing email is one that has been carefully crafted to resemble an email from a legitimate company, such as a bank. These emails will often contain spelling or grammatical errors, as well as links that direct you to mis-spelt domains that may contain malware.

Always be suspicious of any emails informing you that you need to change your password, or verify your details. Never click the links in such emails, and always double check which website address they are taking you to. If in doubt, contact the company who the email is purporting to be from and check if it is a genuine communication.

Any questions?

If you have any further queries about activating 2FA, or account security in general, please give us a call on 01 5255768 or submit a support enquiry via your Online Control Panel.