two-factor authentication Archives

AppWizard

April 28, 2025

For Android users: How to secure your Instagram account

Two-factor authentication (2FA) enhances online account security by requiring a second form of verification in addition to a password. To enable 2FA on Instagram, users should: open the app, go to their profile, tap the menu icon, select "Settings," navigate to "Security," and choose "Two-Factor Authentication." Users can receive verification codes via text message or an authentication app. This measure helps protect accounts even if a password is compromised.

AppWizard

April 25, 2025

12 Android apps secretly recorded your conversations

Recent findings from cybersecurity experts at ESET revealed that several Android applications, disguised as harmless tools, have been secretly recording conversations and stealing sensitive data. These malicious apps infiltrated devices through the Google Play Store and third-party platforms, compromising the privacy of thousands of users. One tactic used by cybercriminals involved romantic deception, where victims were coaxed into downloading a seemingly harmless messaging app containing the VajraSpy Trojan, which activated upon installation to record conversations and harvest personal data. The identified malicious apps fall into three categories: 1. Standard Messaging Apps with Hidden Trojans: These apps, including Hello Chat, MeetMe, and Chit Chat, request access to personal data and operate silently in the background, stealing contacts, SMS messages, call logs, device location, and installed app lists. 2. Apps Exploiting Accessibility Features: Apps like Wave Chat exploit Android’s accessibility features to intercept communications from secure platforms, record phone calls, keystrokes, and ambient sounds. 3. Single Non-Messaging App: Nidus, a news app, requests a phone number for sign-in and collects contacts and files, increasing the risk of data theft. The 12 malicious Android apps identified include: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. The first six apps were available on the Google Play Store and had over 1,400 downloads before removal. Users are advised to uninstall these apps immediately to protect their personal data.

Tech Optimizer

April 12, 2025

I abandoned third-party antivirus tools, and here’s what I do instead

The author has transitioned from using third-party antivirus solutions to relying on Windows Security, which is built into Windows 10 and 11, due to its effectiveness and lack of cost. They emphasize the importance of keeping Windows Security updated and performing regular virus scans for added peace of mind. Ransomware protection features, such as Controlled Folder Access, are highlighted as essential. The Microsoft PC Manager app is recommended for optimizing system performance and security. The author advocates for good security hygiene, including avoiding suspicious emails and enabling two-factor authentication, as effective practices to maintain security without third-party antivirus software.

Tech Optimizer

April 10, 2025

6 overlooked security practices I implemented at home and I regret not using sooner

- Safeguarding technology is crucial in the digital age due to potential threats from various devices. - Two-factor authentication (2FA) enhances online account security by requiring a second code sent to a phone, email, or authentication app. - Biometric verification methods and hardware authentication devices like YubiKeys can further enhance security. - Backup codes should be printed when setting up 2FA, and passkeys offer a passwordless solution for securing accounts. - Ransomware can lock users out of data until a ransom is paid, and Windows 10 and 11 have a feature called Controlled Folder Access (CFA) to protect essential folders. - Windows Security provides baseline protection for PCs, and users should regularly check for updates and conduct manual scans. - Microsoft's PC Manager utility enhances system security by offering features for storage and app management alongside virus scanning. - Securing web browsers is vital, with unique settings available in browsers like Microsoft Edge, Firefox, and Chrome to improve privacy and security. - Regularly clearing browsing history and keeping browsers updated helps mitigate risks from malware and phishing attacks. - Securing Wi-Fi routers involves changing the default admin password and SSID, using strong encryption like WPA3, and regularly updating firmware. - Custom firmware like DD-WRT or OpenWrt can enhance router security and functionality.

Winsage

April 5, 2025

Microsoft Confirms Password Deletion For Windows Users—What You Do Now

Microsoft is transitioning away from passwords to enhance security, encouraging users to adopt passkeys. Passkeys are securely stored secrets on a user's device, unlocked through biometrics, PINs, or patterns, making them resistant to phishing and eliminating the need for complex passwords. Users can set up passkeys by signing into their Microsoft account's Advanced Security Options or Security Info, selecting a sign-in method, and following on-screen instructions. Once established, signing in is straightforward, requiring only the chosen authentication method. Microsoft is prioritizing passkeys for new accounts and refining its sign-in logic to improve efficiency, with passkeys being three times faster than traditional passwords. Passkeys can be used across devices and applications that support them, with Windows Hello facilitating authentication.

AppWizard

April 3, 2025

Android 15 blocked Phone Link from mirroring sensitive notifications, but Microsoft has a fix

Microsoft's Phone Link app can now mirror sensitive notifications from Android devices to Windows PCs after the Android 15 update had initially restricted this capability. The Android 15 update classified two-factor authentication codes as sensitive, blocking their visibility to most notification listeners, including Phone Link. To access sensitive notifications, Phone Link must be preinstalled on the device and granted the RECEIVESENSITIVENOTIFICATIONS permission. Users with devices that have Link to Windows preinstalled, like the Xiaomi 15 Ultra and Samsung Galaxy S25 Ultra, can grant permission to restore full functionality. For devices without the preinstalled app, workarounds include disabling Android System Intelligence notification processing or manually granting permissions.

Tech Optimizer

April 2, 2025

When it comes to security, public Wi-Fi could be a risky choice for commuters worldwide

Research from NordVPN indicates that 47% of commuters use strong passwords or passcodes, 46% regularly update their software, 20% use privacy screen protectors, and only 17% utilize a VPN for added security while traveling.

AppWizard

March 28, 2025

Keeper Security Enhances WearOS App and Android Offline Mode

Keeper Security has enhanced its Keeper WearOS app, previously known as KeeperDNA, to improve security and user experience for smartwatch users. The app now aligns with Google's Android guidelines, featuring a modern interface that allows users to securely view stored credentials and utilize Two-Factor Authentication (2FA) more easily. Key features include Time-Based One-Time Password (TOTP) code viewing, Watch Favorites for quick access to frequently used logins, and improved offline functionality that allows users to access Keeper data without an internet connection. The account setup process has been simplified, and users can manage offline access and 2FA settings separately. The updated app is available on the Google Play Store and supports zero-knowledge encryption. Future updates are planned to include passkey support and standalone functionality for managing security directly from wearable devices.

AppWizard

March 27, 2025

Keeper Security Unveils Latest WearOS App for Seamless Password Management

Keeper Security has launched an updated version of its WearOS app for Android, enhancing security and user experience for smartwatch users. The app, formerly known as KeeperDNA, features a redesigned interface, instant access to credentials and 2FA codes, and a "Watch Favorites" option for quick access to frequently used logins. Improvements to offline functionality include a simplified account setup, enhanced offline mode with configurable vault access durations, and decoupled offline mode and 2FA settings. The updated app is available for download on the Google Play Store and maintains zero-knowledge encryption for user data security.

Winsage

March 22, 2025

How to disable the Windows Hello feature with Intune

Windows Hello allows users to authenticate in Windows using biometric data or a PIN, with enhanced features in Windows Hello for Business, including device authentication and integration with Conditional Access. It is recognized by NIST as a multifactor authentication (MFA) method, combining a device with a Trusted Platform Module (TPM) and a PIN or biometric data. However, the second factor is not portable, which may be a concern for some organizations. For those not using Windows Hello for Business, IT administrators can disable it through Microsoft Intune using two methods: by adjusting enrollment options or creating an account protection policy.