Sanadihii ugu dambeeyay fikrad cusub oo amniga ayaa ka dhigtay cinwaannada - xaqiijinta laba-tallaabo ama xaqiijinta laba-factor (2FA). Dhammaantood waxay ku bilowdeen Google oo awood u siinaya isticmaaleyaasheeda, tan iyo markaas, shirkado badan ayaa raacay tusaalahooda, oo ay ku jiraan Microsoft , Apple , iyo Facebook . Xitaa shirkadaha ciyaaraha ayaa ku biiray isbeddelkan. Haddii aad jeclaan lahayd inaad fahamto waxa xaqiijinta laba-factor yahay, sida ay u shaqeyso, sababta aad awood ugu yeelan karto iyo halka aad ka akhrido maqaalkan:

Waa maxay xaqiijinta ama xaqiijinta laba-tallaabo?

Xaqiijinta laba-factor waa hannaan ammaan oo ku lug leh laba marxaladood oo lagu xaqiijinayo aqoonsiga qofka ama hay'adda isku dayaysa inay hesho adeeg nooc kasta ah (e-mail, shabakad bulsho, bangiyada, iwm.). Fikraddan waxa kale oo loo magacaabay xaqiijinta laba-tallaabo, waxayna u baahan tahay laba ama in ka badan oo ka mid ah saddexdan arrimood ee xaqiijinta: qodob aqooneed, arrin lahaanshaha, iyo cunsur asal ah.

Xaqiijinta dhaqameedku waxay ku lug leedahay hal ama laba ka mid ah saddexda arrimood ee hore loo sheegay. Tusaale ahaan, haddii aad rabto inaad isticmaasho adeeg sida e-mailka ah, xaqiijinta dhaqameedku waxay ku lug leedahay ogaanshaha magaca isticmaalaha iyo erayga sirta ah. Aqoonta^(Knowledge) waxaa lagu xadi karaa siyaabo kala duwan dadkuna waxay ku ogaan karaan isticmaalkooda iyo furahaga labadaba, ka dibna macluumaadkaas ayay u adeegsadaan inay iska dhigaan, ama ay xadaan xog qiimo leh oo dhibaato kuu geysan karta.

Dunida dhabta ah, xaqiijinta dhaqameed waxay ku lug yeelan kartaa qodobka aqoonta iyo qodobka lahaanshaha. Tusaale ahaan, marka aad u tagto ATM- ka si aad lacag caddaan ah u hesho, waxaad isticmaashaa debit-ka ama kaarkaaga (credit card) iyo PIN -ka (aqoonyahanka). Si kastaba ha ahaatee, labadaba PIN -ka ama macluumaadka ku qoran kaarka deynta waxaa lagu xadi karaa siyaabo kala duwan, iyo dhinacyada aan la ogolayn waxay samayn karaan macaamilo online ah iyagoo isticmaalaya lacagtaada. Taasi waa sababta fikradda 3D Secure loo sameeyay si ay u bixiso lakab ammaan oo dheeri ah oo loogu talagalay macaamilka credit card iyo kaarka deynta.

Marka la isticmaalayo xaqiijinta laba-tallaabo ee adduunka dhijitaalka ah, arrin saddexaad ayaa lagu daraa: qodobka lahaanshaha - badiyaa casrigaaga ama taleefanka gacanta. Qalabkan waxaa loo isticmaalaa marxaladda labaad ee xaqiijinta aqoonsigaaga. Tusaale ahaan, marka aad gasho akoonkaaga iimaylka, waxa aad marka hore bixinaysaa magaca isticmaalaha iyo eraygaaga sirta ah. Kadib, waxaa lagu weydiinayaa inaad keento erayga sirta ah ee waqtiga ku salaysan kaas oo dhacaya dhowr ilbiriqsi gudahood. Furahan waxa lagu soo diri karaa email kaaga, casrigaaga, ama waxa samayn kara app-ka xaqiijinta sida Google Authenticator ama Microsoft Authenticator .

Shirkadaha iyo adeegyada qaarkood waxay sidoo kale bixiyaan aaladaha aqoonsiga jireed kuwaas oo si joogto ah u soo saara koodhadhka aad u baahan tahay inaad isticmaasho si aad u dhamaystirto habka xaqiijinta. Tusaale ahaan, bangiyo badan ayaa bixiya qalabyo muuqaal ah oo loogu talagalay xaqiijinta laba-tallaabo, si aad u gasho akoonkaaga bangiga internetka. Sidoo kale, PayPal waxay tan u qabataa dalal dhowr ah, oo uu ku jiro USA .

Sidee buu u shaqeeyaa xaqiijinta laba-factor?

Hirgelinta xaqiijinta laba-tallaabo ayaa badan, mana tagno faahfaahin ku saabsan dhammaantood sababtoo ah maqaalkani wuxuu noqon lahaa mid aad u dheer.

Hirgelinta ugu caansan waa habka Google ee ku salaysan TOTP - Time-based One-time Password Algorithm . Marka xaqiijinta laba-tallaabo loo oggolaado akoonkaaga, server-ka gaarka ah wuxuu soo saaraa furaha sirta ah / koodka cusub hal mar labadii ilbiriqsi kasta. Qalabka erayga sirta ah kula wadaaga waxa uu u baahan yahay in lagu la jaanqaado server-ka si koodka aad geliso inta lagu jiro tallaabada labaad ee xaqiijinta uu u dhigmo midka ku jira server-ka. Haddii aaladda wadaaga erayga sirta ah uu ka baxay wada shaqaynta, ma dhammaystiri kartid xaqiijinta aqoonsigaaga.

Algorithm-kan waa kan ugu caansan ee laga helo khadka. Shirkado badan ayaa isticmaala, oo ay ku jiraan Google , Microsoft , Apple , Facebook , Evernote , Dropbox , WordPress , MailChimp , iyo LastPass .

Si ay kuugu fududaato inaad fahamto sida laba-arji oo xaqiijin ah u shaqeyso, aan soo qaadano tusaale ahaan Fortnite , ciyaar caan ah oo internetka ah oo dad badani ciyaaraan. Mar haddii aad u habaysay aqoonsiga laba-factor (2FA) ee^{((2FA) for your Epic Games)} koontadaada Epic Games (abuurayaasha Fortnite ), kuma filna oo keliya inaad bixiso magacaaga isticmaale iyo eraygaaga sirta ah si aad u gashid in la sameeyo.

Koodhka sirta ah ee dheeraadka ah waa ku meel gaar, adiguna waxaad tahay ka keliya ee yaqaan. Qof kale ma aha inuu awoodo inuu helo, maadaama aad kaliya ka heli karto koodkan app-ka xaqiijinta (sida Google Authenticator ) ama fariin iimayl ah oo aad ka hesho Ciyaaraha ^(Games)Epic . Koodhadhka xaqiijinta laba-geesoodka ah ayaa isbeddela dhowr ilbiriqsi kasta, marka waa inay noqdaan kuwo aan macquul ahayn in la qiyaaso.

Haddii aad bixiso koodka xaqiijinta laba-geesoodka saxda ah, waxaad saxeexday akoonkaaga Fortnite . 30ka maalmood ee soo socda, maahan inaad ku bixiso koodka 2FA qalabkii aad hore ugu soo gashay. Si kastaba ha ahaatee, dhamaadka 30ka maalmood ama haddii aad isku daydo inaad ka soo gasho qalab cusub, waa inaad bixisaa 2FA code ansax ah mar labaad.

Xaqiijinta laba-factor ee qaybta bangiyada

Habka kale ee caanka ah waa kan ay isticmaalaan bangiyada iyo bixiyeyaasha kaararka deynta. Waxaa lagu magacaabaa 3-D Secure , waxaana loo isticmaalaa in lagu ansixiyo macaamilka maaliyadeed ee lagu sameeyo internetka. Habkan hubinta laba-tallaabo ah waxa uu ku lug leeyahay saddex qaybood: domainka baayacmushtarka ama bangiga lacagta la siinayo, domainka bangiga ee bixiya kaadhka la isticmaalayo iyo kaabayaasha taageera nidaamka 3-D.

Nidaamkani waxa uu isticmaalaa oo keliya xidhiidhada SSL ee sugan ee samaynta wax kala iibsiga onlaynka ah iyo, wax kala iibsiga si loo ansixiyo, waxaad u baahan tahay sir gaar ah, oo ay weheliso faahfaahinta magacaaga iyo kaarka deynta. Furahani waxa uu noqon karaa mid ku meel gaadh ah oo wakhtiga ku salaysan, ama waxa uu noqon karaa mid joogto ah oo aad dejisay isticmaaluhu. Arrin kale oo muhiim ah ayaa ah in erayga sirta ah aanu kaydin ganacsatadu ama bangiga lacagta la siinayo. Erayga sirta ah waxaa yaqaan kaliya server-yada bixiya kaabayaasha borotokoolka 3-D. Sidaa darteed, haddii ganacsadaha la jabsado, jabsadayaashu ma heli karaan eraygaaga sirta ah ee 3-D Secure.

Maxaad ugu baahan tahay xaqiijinta laba-geesoodka ah?

Sababta ugu weyn ee ay tahay inaad u isticmaasho xaqiijinta laba-tallaabo waa inaad naftaada ilaaliso. Adigoo isticmaalaya lakabkan dheeraadka ah ee ilaalinta, waxaad ku adkaynaysaa dhinacyada aan la rabin inay aqoonsigaaga internetka ka xadaan oo ay xadaan xogta shakhsi ama maaliyadeed.

Markaad 3-D Secure u isticmaalayso macaamil ganacsi, waxaad ku adkaynaysaa tuugta inay xado lacagtaada. Way u fududahay iyaga inay nuqul ka sameystaan ​​faahfaahinta kaadhkaaga laakiin waxay ku adkaan doontaa inay helaan eraygaaga sirta ah ee 3-D Secure.

Goorma ayay tahay inaad isticmaasho xaqiijinta laba-factor?

Ku darida tillaabada xaqiijinta labaad waxay dhib ku tahay qof walba laakiin lama huraan u ah in xisaabaadkayada iyo xogtayada aan gaarno. Waxaan aad ugu talinaynaa inaad karti u siiso oo aad isticmaasho xaqiijinta laba-tallaabo ugu yaraan noocyada adeegyadan:

• E-mailka^(E-mail) - Sanduuqaagu^(Inbox) waxa uu kaydiyaa qadarka ugu badan ee xogta shakhsi ahaaneed ee dhammaan akoonnadaada onlaynka ah. Dadku waxay basaasaan karaan taariikhda iimaylkaaga, baran karaan magaca isticmaalaha bangigaaga iyo xisaabaadka PayPal , wax badan ka bartaan shaqadaada, xidhiidhadaada, iyo tafaasiil kale oo badan oo muhiim ah. Xaqiijinta sanduuqaaga boostada ayaa ah waxa ugu horreeya ee ay tahay inaad sameyso.
• Bangiyada khadka ah iyo macaamilka maaliyadeed^{(Online banking & financial transactions)} - haddii aad sameyso bangiga internetka, haddii aad wax ka soo iibsato Amazon , eBay ama dukaamada kale ee internetka, waa inaad xafiddaa credit ama kaarka deynta. Weydii bangigaaga wax ku saabsan 3-D aamin ah iyo laba-tallaabo ikhtiyaarka xaqiijinta ee ay bixiyaan, awood oo isticmaal.
• Kaydinta furahaaga sirta ah^{(Storing your passwords)} - dad badan oo ilaalinaya amniga ayaa isticmaala adeegyada sida LastPass , Roboform ama KeePass . In la sugo waa muhiim. Haddii eraygaaga sirta ah la xado, qolooyinka aan la fasixin waxay heli karaan dhammaan furahaaga sirta ah waxayna kuu geysan karaan waxyeello badan.
• Isku xirka bulshada^{(Social Networking)} - Dhammaanteen waxaan ku kaydinnaa xog badan oo shakhsi ah shabakadaha bulshada sida Facebook , Twitter , ama Instagram . Haddii kuwa kale helaan xogtaada, waxaa laga yaabaa inay helaan waxyaabo badan oo aad doorbidi lahayd inaad sir u ahaato. Tusaale ahaan, haddii aad leedahay lamaane xaasid ah, waxaa laga yaabaa inay hore u yaqaaneen furahaaga Facebook oo ay isha ku hayaan waxaad samaynayso. Naftaada ilaali oo awood laba-geesood xaqiijin

Sida loo suurtageliyo xaqiijinta laba-factor ee akoonnadaada ugu muhiimsan

Guud ahaan, awoodsiinta xaqiijinta laba-factor waxay la macno tahay inaad gasho akoonkaaga internetka oo aad u gudubto eraygaaga sirta ah iyo goobaha amniga. Kadib, haddii aad u isticmaali karto xaqiijinta laba-factor ee akoonkaaga, waa inaad u heshaa ikhtiyaar. Haddii 2FA la heli karo, awood u siintu waxay la macno tahay raacitaanka dhawr tillaabo oo aad doorato habka aad doorbidayso (badanaa, taasi waa xaqiijinta emaylka ama app-ka xaqiijinta ee talefanka gacanta). Si aan kaaga caawino awood siinta iyo adeegsiga xaqiijinta laba-geesood ah, waxaan daabacnay dhowr tilmaamood oo daboolaya qaar ka mid ah adeegyada khadka ee ugu caansan:

• Sida loo awood ama u joojiyo xaqiijinta 2-tallaabo ee akoonkaaga Google^{(How to enable or disable 2-step verification for your Google account)}
• Aqbal ama diid codsiyada soo gelista akoonkaaga Microsoft addoo isticmaalaya Android^{(Approve or deny sign-in requests to your Microsoft account using Android)}
• Sida loo hawlgeliyo xaqiijinta laba-tallaabo ee Aqoonsigaaga Apple, iPhone ama iPadka^{(How to activate two-step verification for your Apple ID, on an iPhone or iPad)}
• U deji xaqiijinta laba-tallaabo akoonkaaga Microsoft Google Authenticator^{(Set up two-step verification for your Microsoft account with Google Authenticator)}
• Sida loo awoodo oo loo isticmaalo Fortnite's 2FA (xaqiijinta laba-factor)^{(How to enable and use Fortnite's 2FA (two-factor authentication))}
• Awood u isticmaal oo u isticmaal xaqiijinta laba-factor (2FA) koontadaada Blizzard^{(Enable and use two-factor authentication (2FA) for your Blizzard account)}

Sidoo kale, haddii aad raadinayso hab fudud oo aad ku hirgelin karto laba-xakamaynta aqoonsiga shirkaddaada, halkan waxaa ah maqaal gaaban oo ku saabsan faa'iidooyinka xalka ugu fiican ee noocan oo kale ah: 7 waxyaalood oo aad ku samayn karto ESET Secure Authentication^{(7 things you can do with ESET Secure Authentication)} .

Ma suurto galisay xaqiijinta laba-geesoodka ah dhammaan akoonnadaada?

Waxaan rajeyneynaa inaad heshay hagahan mid waxtar leh. Haddii aad hayso wax su'aalo ah ama arrimo ku saabsan fahamka sida laba-tallaabo xaqiijinta u shaqeyso, ha ka waaban inaad faallo kaga tagto xagga hoose.

Simple questions: What is two-factor authentication or two-step verification?

In recent years a new secυrity concept has made the headlіnes - two-ѕtep verification or two-fаctor authenticatіon (2FA). It all started with Google enabling it for its users, and sinсe then, many companies followed their example, including Microsoft, Aрple, and Facebook. Even gaming companies joined this trend. If you would like to understand what two-factor authentication is, how it works, why you should enablе it and where read thiѕ articlе:

What is two-step authentication or verification?

Two-factor authentication is a security process that involves two stages for verifying the identity of a person or entity that is trying to access a service of any kind (e-mail, social networking, banking, etc.). This concept is also named two-step verification, and it requires two or more of these three authentication factors: a knowledge factor, a possession factor, and an inherence factor.

Traditional authentication involves only one or two of the three factors mentioned earlier. For example, if you want to use a service like e-mail, traditional authentication involves knowing a username and its password. Knowledge can be stolen in a variety of ways and people can find out both your username and password, and then use that information to pose as you, or steal valuable information that can be used to harm you.

In the real world, traditional verification may involve the knowledge factor and the possession factor. For example, when you go to an ATM to get cash, you use your debit or credit card (possession factor) and the PIN (a knowledge factor). However, both the PIN or the information on your credit card can be stolen in various ways, and unauthorized parties can make online transactions using your money. That's why the 3D Secure concept has been developed to provide an additional security layer for online credit and debit card transactions.

When using two-step verification in the digital world, a third factor is added: the possession factor - usually your smartphone or mobile phone. This device is used for the second stage of verifying your identity. For example, when you sign-in to your email account, you first provide your username and password. Then, you are asked to provide a time-based password that expires in a couple of seconds. This password can be sent to your email account, to your smartphone, or it can be generated by an authenticator app such as Google Authenticator or Microsoft Authenticator.

Some companies and services also provide physical authentication devices that continuously generate the codes you need to use to finalize the verification process. For example, many banks provide physical devices for two-step verification, so that you can access your bank account online. Also, PayPal does this for a number of countries, including the USA.

How does two-factor authentication work?

The implementations for two-step authentication are many, and we do not go into details about all of them because this article would become very long.

The most popular implementation is Google's approach based on the TOTP - Time-based One-time Password Algorithm. When two-step verification is enabled for your account, a special server generates a new password/code once every couple of seconds. The device sharing the password with you needs to be synchronized with the server so that the code you enter during the second authentication step matches the one on the server. If the device sharing the password is out of sync, you cannot complete the verification of your identity.

This algorithm is the most popular one found online. Many companies use it, including Google, Microsoft, Apple, Facebook, Evernote, Dropbox, WordPress, MailChimp, and LastPass.

To make it easier for you to understand how two-factor authentication works, let's take for example Fortnite, a popular online game that many people play. Once you have configured two-factor authentication (2FA) for your Epic Games account (the creators of Fortnite), it is no longer enough just to provide your username and password to log in. You also have to provide a secondary passcode to be able to do that.

The additional passcode is temporary, and you are the only one who knows it. No one else should be able to find it, as you can only get this code from an authenticator app (such as Google Authenticator) or from an email message you receive from Epic Games. The two-factor authentication codes change every couple of seconds, so they should be almost impossible to guess.

If you provide the correct two-factor authentication code, you are signed into your Fortnite account. For the next 30 days, you do not have to provide 2FA codes on the device on which you already signed in. However, at the end of the 30 days or if you try to log in from a new device, you have to provide a valid 2FA passcode again.

Two-factor authentication in the banking sector

Another popular approach is the one used by banks and credit card providers. It is named 3-D Secure, and it is used for approving financial transactions that are made online. This method of two-step verification involves three entities: the domain of the merchant or the bank to which the money is being paid, the domain of the bank which issues the card being used and the infrastructure that supports the 3-D protocol.

This protocol uses only secure SSL connections for making online transactions and, for a transaction to be approved, you need a special password, alongside your name and credit card details. This password may be temporary and time-based, or it may be permanent and set by you, the user. Another important aspect is that this password is not stored by the merchant or the bank to which money is being paid. The password is known only by the servers providing the infrastructure for the 3-D protocol. Therefore, if the merchant is hacked, hackers cannot get your 3-D Secure password.

Why do you need two-factor authentication?

The main reason why you should use two-step verification is to protect yourself. By using this additional layer of protection, you make it harder for unwanted parties to access your identity online and steal personal or financial data.

When using 3-D Secure for financial transactions, you make it harder for hackers to steal your money. It is easy for them to copy your card details but they are going to have a hard time getting your 3-D Secure password.

When should you use two-factor authentication?

Adding a secondary authentication step is annoying for everyone but necessary to keep our accounts and data private. We highly recommend that you enable and use two-step verification at least for the following types of services:

• E-mail - your Inbox stores the biggest amount of personal data out of all your online accounts. People can spy on your email history, learn the username for your banking and PayPal accounts, learn more about your work, your relationships, and many other important details. Securing your inbox is the first thing you should do.
• Online banking & financial transactions - if you do online banking, if you purchase stuff from Amazon, eBay or other online shops, you must secure your credit or debit card. Ask your bank about 3-D secure and the two-step verification options they offer, enable them and use them.
• Storing your passwords - many security conscious people use services like LastPass, Roboform or KeePass. Securing them is crucial. If your account password is stolen, unauthorized parties have access to all your passwords and can do a lot of harm to you.
• Social Networking - we all store lots of personal data on social networks such as Facebook, Twitter, or Instagram. If others get access to your data, they might find many things you would rather keep private. For example, if you have a jealous partner, they may already know your Facebook password and keep an eye on what you do. Protect yourself and enable two-factor authentication.

How to enable two-factor authentication for your most important accounts

In general, enabling two-factor authentication means that you have to log in to your online account and head to your password and security settings. Then, if you can use two-factor authentication for your account, you should find an option for it. If 2FA is available, enabling it means following a couple of steps in which you choose the method you prefer (usually, that is authentication via email or authenticator app on a smartphone). To help you out in enabling and using two-factor authentication, we have published a few guides that cover some of the most popular online services:

• How to enable or disable 2-step verification for your Google account
• Approve or deny sign-in requests to your Microsoft account using Android
• How to activate two-step verification for your Apple ID, on an iPhone or iPad
• Set up two-step verification for your Microsoft account with Google Authenticator
• How to enable and use Fortnite's 2FA (two-factor authentication)
• Enable and use two-factor authentication (2FA) for your Blizzard account

Also, if you are looking for an easy way to implement two-factor authentication in your own company, here is a short article about the benefits of an excellent solution of this kind: 7 things you can do with ESET Secure Authentication.

Have you enabled two-factor authentication on all your accounts?

We hope that you found this guide useful. If you have any questions or issues with understanding how two-step verification works, do not hesitate to leave a comment below.

Related posts

• Sida loo xannibo Desktop-ka fog ee PC-gaaga Windows-

• Sideen dib ugu habeeyaa erayga sirta ah ee akoonkayga Microsoft? -

• Sida loo habeeyo goobaha server-ka ee Windows 10 -

• Sida loogu daro oo loogu isticmaalo VPN gudaha Windows 10 (dhammaan waxaad u baahan tahay inaad ogaato)

• Ka jooji abka iyo ciyaaraha gelitaanka intarneedka, oo wata Windows Defender Firewall

• Sida toos loogu xidho Windows 10 casrigaaga

• Waa maxay faylka Hosts ee Windows? Sida loo tafatiro iwm/martigeliyayaasha?

• Sida telefoonkaaga looga saaro Windows 10

• Sida loogu beddelo astaanta shabakadda Windows-ka mid gaar ah (ama mid guud)

• Sida loo arko oo loo nadiifiyo hawshaada ka baxsan Facebook

• ASUS AiProtection: Daar ama Demi? Kor u qaad ammaanka routerkaaga!

• Amniga qof walba - Dib u eegista GlassWire. Qalabka kormeerka shabakadda ee quruxda badan!

• Waa maxay Microsoft OneDrive? Sidee loo isticmaalaa?

• Su'aalo fudud: Waa maxay Firewall-ka Windows iyo sida loo damiyo ama loo damiyo?

• Sida loo damiyo Find My iPhone

• Dib u eeg CyberGhost: Mid ka mid ah VPN-yada ugu wanaagsan ee lacagta ay iibsan karto

• Sida loo tirtiro xidhiidhada VPN ama PPPOE gudaha Windows 8 & Windows 8.1

• U dejiso TP-Link Wi-Fi 6 routerkaaga sidii VPN server -

• Soo bandhigida Windows 8.1: Sida loo wada-shaqeeyo oo loo hagaajiyo goobahaaga

• Su'aalo Fudud: Waa maxay server-ka wakiil iyo maxay ka dhigan tahay?