Page 85 - Cyber Safety C-8
P. 85

Password Managers: A Digital Keyring

                 Consider having hundreds of different keys for different lockers, and having to remember which
                 key belongs to which lock. It would be nearly impossible! A password manager works like a secure,
                 intelligent digital keyring that stores all passwords in one encrypted place.
                 A password manager protects  password data  using strong
                 encryption algorithms, meaning even if someone gains access to
                 a device, they cannot read the stored passwords. Only one strong
                 “master  password” is required  to  unlock the manager. Once
                 unlocked, it automatically fills in the correct, complex password
                 for websites and apps, reducing the risk of typing errors or falling
                 for fake login pages.

                 Modern password managers can also generate strong, unique
                 passwords  for every account,  check  for  weak or repeated
                 passwords,  alert when  a data  breach is detected,  and sync
                 passwords  across  devices  securely.  This ensures stronger  online  protection  and  prevents
                 cybercriminals from easily guessing or stealing passwords.
                 Popular examples of password managers are Bitwarden, LastPass, and 1Password. In fact, many
                 banks in India now recommend using these managers to keep online banking accounts secure.

                 Multi-Factor Authentication (MFA): The Double Lock


                 Passwords act as the first lock on a digital account, but relying on a single lock is risky in a world
                 full of cyber threats. Multi-Factor Authentication (MFA), also known as Two-Factor Authentication
                 (2FA), adds a second layer of verification to ensure that only the real account owner can access
                 the system. Even if a cybercriminal manages to guess or steal a password, access is still blocked
                 without the second verification factor.

                 MFA works by combining two or more types of authentication factors:
                 1.  Something the user knows, such as a password or PIN.

                 2.   Something  the  user  has, such  as  a  one-time  password
                    (OTP) sent to a mobile device, a hardware token, or a code
                    from an authentication app such as Google Authenticator
                    or Microsoft Authenticator.
                 3.   Something the user has biometric identification such as a

                    fingerprint, face scan, or iris recognition.
                 By requiring at least two of these factors, MFA significantly
                 reduces the chances of unauthorized access. This method is
                 widely used in banking apps, email platforms, social media accounts, and online payment systems.

                 A commonly observed  example  is the login process  of a Gmail  account.  After entering  the
                 password, the system sends an OTP to the registered mobile number or displays a verification
                 prompt on a linked device. This additional step ensures that the account remains secure, even if
                 the password has been compromised.

                                                                                      Advanced Password Protection  83
   80   81   82   83   84   85   86   87   88   89   90