Skip to main content

Firm Management

2FA, MFA, GWTP

I stumbled into the world of computers by accident. Having plenty of free time, a friend and I decided to take a computer seminar one summer between college semesters, and I was hooked. I changed my major (not the first time I had done that), became ...

Gail Perry

Oct. 07, 2021

Data_Pixabay Gerd Altmann 2 ball-63527_1280

I stumbled into the world of computers by accident. Having plenty of free time, a friend and I decided to take a computer seminar one summer between college semesters, and I was hooked. I changed my major (not the first time I had done that), became a computer science nerd, and added a minor to my ultimate major in journalism.

I took a plethora of programming courses and even tutored in a course on computer logic – it was the logic of it all that entranced me. Especially with binary programming, there’s only 1 and 0, on and off, right and wrong. It was the most sensible thing I had ever encountered.

Fast forward to today, I’ve written several books on computer applications, I use computers in my job and my life all day long, I’ve thought of myself as being pretty savvy about computers. And when I see other people getting hacked, I assume they made a mistake somewhere and that that won’t happen to me. And yet, somehow I never bothered to set up multiple layers of identification in my social media accounts.

Then my Facebook Messenger account got hacked and it appeared that I sent out some sort of crazy link to everyone in my contact list. Those friends who trusted me to only send smart things in Messenger clicked the link and probably exposed themselves to potential hacking as well.

I know, it wasn’t the login that got me, I probably clicked on some arbitrary enticing link that sent me down the rabbit hole of getting hacked. But once I made the erroneous click, my standalone password had been bypassed and the hacker could get at my mailing list. Changing my password after the spam messages went out was too little too late. I decided in that instant (and that’s all it took for all of those messages to shoot out to my connections) it was time to get with the program (GWTP) and institute two-factor authentication (2FA) on my social media accounts.

Using 2FA or multi-factor authentication (MFA) protects accounts even when passwords are inadvertently disclosed, as we noted in an article we published in August (www.cpapracticeadvisor.com/21233733). Along with a password that contains a unique, non-patterned collection of numbers, upper and lower case letters, and symbols, there should be a backup system to that password with a biometric authentication, a third-party authenticator app, a number-generating fob, an authenticator display card, or a code sent to another device.

Note that the IRS has announced that it now requires MFA on all 2021 online tax preparation products (www.cpapracticeadvisor.com/21164984), so it makes sense to get accustomed to this more secure method of connection, at least until the world figures out an alternative to passwords or the hackers find something better to do with their time. #hackedbutbetterbecauseofit

See inside October 2021

Automation Solves Payroll Headaches

If you’ve ever done payroll for your own business or a client's, you’ll understand just how stressful the process can be. Employees are extremely proprietary about their paychecks and will notice the smallest discrepancy.

Previous

Hiring Remotely? Here’s What You Need to Know

Before 2020, remote hiring was nearly foreign in finance and accounting fields. In-person interviews and meetings — getting face time — was ingrained in the business culture.

Next