Most services nowadays require signup and login procedures that are based on usernames and passwords. Unfortunately, single-factor authentication is not enough to protect accounts especially at the rate at which technologies are evolving, as hackers become more sophisticated and are able to compromise accounts in a matter of seconds. To top it all off, every year billions of usernames and passwords are stolen and sold on dark web markets, and as a result, many users become victims to identity theft and data loss.
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
Phishing is a top organizational security vulnerability because it involves the exploitation of human weakness. This ControlScan National Cyber Security Awareness Month presentation teaches employees how to spot and combat a phishing attack.
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
Phishing is a top organizational security vulnerability because it involves the exploitation of human weakness. This ControlScan National Cyber Security Awareness Month presentation teaches employees how to spot and combat a phishing attack.
- Baltimore ransomware hacking attack 2019
- What Is Ransomware ?
- Baltimore Ransomware Attack 2019
- Attacking Details
- How Did The Hackers Breach The Baltimore Computer System?
- Results
- How To Detect Ransomware
- Ways To Protect Your Network From A Ransomware Attack
Slideshare that can be used as an educational training tool for employees to be aware of the risks of phishing attacks. This presentation covers the threat of phishing and what strategies can be done to mitigate phishing attacks.
PhishingBox is an online system for organizations to easily conduct simulated phishing attacks and educate their end users through awareness training. This helps identify vulnerabilities and mitigate risk. Our system is simple to use, cost-effective and helps clients reduce risk and achieve cybersecurity objectives.
Information Security Awareness, Petronas Marketing SudanAhmed Musaad
A two hours security awareness session that I presented for Petronas Marketing Sudan employees. The session includes -- but not limited to -- many topics like Passwords, Email Security, Social Networks Security, Physical Security, and Laptop Security.
You can use this as an introductory session for your security awareness training, but not as a sufficient one time session at all.
Your comments, feedback, and suggestions are much appreciated.
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
Two Factor Authentication (2FA) Deep Dive: How to Choose the Right Solution f...ConorGilsenan1
Two-factor authentication (2FA) is the most straightforward way for companies to drastically improve the security of their user authentication process. However, not all 2FA implementations are created equal. Thinking of quickly throwing together a workflow using SMS and calling it a day? Think again! Though popular, 2FA via SMS has many security issues and was actually deprecated by NIST in 2017. In this presentation, I dive into the technical details of the most common 2FA implementations and highlight security and usability trade-offs. You will learn how to develop a 2FA implementation strategy that will best serve your users.
“We live in a world that has walls and those walls need to be guarded by men with guns”.
A short presentation on how to secure data and avoid theft of data. Also mention the tips and techniques to safe your data.
Data Con LA 2019 - So You got Hacked, how Quickly Can your Company Recover? b...Data Con LA
This presentation will demonstrate where hacks are most successful, through hardware, software, firmware or the radio connected to the network. The hacking of IoT devices and systems explained in 6 basic steps. On the other side, protecting devices continue to be a challenging effort. Product vendors/developers and customers are all responsible for improving IoT device security. The top 10 vulnerabilities will be presented and discussed. 1. Insecure Web Interface 2. Insufficient Authentication/Authorization 3. Insecure Network Services 4. Lack of Transport Encryption/Integrity Verification 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware 10. Poor Physical Security 3 things the audience will walk away with include: 1. Basic areas of vulnerability 2. Types of attacks 3. How to protect from these areas and make the systems more functional and secure.
- Baltimore ransomware hacking attack 2019
- What Is Ransomware ?
- Baltimore Ransomware Attack 2019
- Attacking Details
- How Did The Hackers Breach The Baltimore Computer System?
- Results
- How To Detect Ransomware
- Ways To Protect Your Network From A Ransomware Attack
Slideshare that can be used as an educational training tool for employees to be aware of the risks of phishing attacks. This presentation covers the threat of phishing and what strategies can be done to mitigate phishing attacks.
PhishingBox is an online system for organizations to easily conduct simulated phishing attacks and educate their end users through awareness training. This helps identify vulnerabilities and mitigate risk. Our system is simple to use, cost-effective and helps clients reduce risk and achieve cybersecurity objectives.
Information Security Awareness, Petronas Marketing SudanAhmed Musaad
A two hours security awareness session that I presented for Petronas Marketing Sudan employees. The session includes -- but not limited to -- many topics like Passwords, Email Security, Social Networks Security, Physical Security, and Laptop Security.
You can use this as an introductory session for your security awareness training, but not as a sufficient one time session at all.
Your comments, feedback, and suggestions are much appreciated.
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
Two Factor Authentication (2FA) Deep Dive: How to Choose the Right Solution f...ConorGilsenan1
Two-factor authentication (2FA) is the most straightforward way for companies to drastically improve the security of their user authentication process. However, not all 2FA implementations are created equal. Thinking of quickly throwing together a workflow using SMS and calling it a day? Think again! Though popular, 2FA via SMS has many security issues and was actually deprecated by NIST in 2017. In this presentation, I dive into the technical details of the most common 2FA implementations and highlight security and usability trade-offs. You will learn how to develop a 2FA implementation strategy that will best serve your users.
“We live in a world that has walls and those walls need to be guarded by men with guns”.
A short presentation on how to secure data and avoid theft of data. Also mention the tips and techniques to safe your data.
Data Con LA 2019 - So You got Hacked, how Quickly Can your Company Recover? b...Data Con LA
This presentation will demonstrate where hacks are most successful, through hardware, software, firmware or the radio connected to the network. The hacking of IoT devices and systems explained in 6 basic steps. On the other side, protecting devices continue to be a challenging effort. Product vendors/developers and customers are all responsible for improving IoT device security. The top 10 vulnerabilities will be presented and discussed. 1. Insecure Web Interface 2. Insufficient Authentication/Authorization 3. Insecure Network Services 4. Lack of Transport Encryption/Integrity Verification 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware 10. Poor Physical Security 3 things the audience will walk away with include: 1. Basic areas of vulnerability 2. Types of attacks 3. How to protect from these areas and make the systems more functional and secure.
Role Of Two Factor Authentication In Safeguarding Online TransactionsITIO Innovex
If you need assistance on how to start your own payment gateway business, please contact us to discuss your requirements.
Visit us at: https://itio.in/
Public cloud Identity-as-a-Service (IDaaS) providers are not immune to data breaches. IDaaS companies will live and die by their appetite for innovation and speed to market.
Cyber 101: An introduction to privileged access managementseadeloitte
Gartner has named privileged access management the #1 cyber security priority for organisations. But what exactly does privileged access management entail?
If you are in the growing app and SaaS market, you will know all too well about the critical issues surrounding user security and pricy.
Since 2005, Two Factor Authentication has had a growing increase in interest, usage and adoption by businesses and users, as privacy and safety of our online lives becomes more important. Just looking at Google Trends shows that Two Factor Authentication is here to stay, and the forecast shows promising growth.
Multi-factor authentication (or MFA) Learn all you need to know about what multi-factor authentication is, and why you need MFA to protect customer data.
https://bit.ly/3jowx1a
5 Reasons Why Your Business Should Consider Strong Authentication!Caroline Johnson
User authentication is a process that allows a website, application, or device to verify the identity of its users. The main purpose of user authentication is to ensure that no third-party or unknown user has access to your account.
Download this eBook for more information: https://bit.ly/3WoKwpy
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONProtected Harbor
The "Power of Multi-Factor Authentication" infographic highlights the enhanced security provided by MFA. It demonstrates how MFA combines various authentication methods, bolstering data protection. This visual tool underscores its effectiveness in preventing unauthorized access and data breaches. It's a valuable resource for anyone looking to bolster their cybersecurity. Download it today!
If you think you’re safe because you have two-factor authentication protecting your applications and data, you might want to rethink your security strategy. While certain two-factor methods can be secure, others can be easily defeated leaving you vulnerable to attacks.
Learn why simple two-factor authentication is not enough and what you can do to make sure you are protected. We'll present a new approach to authentication, which continuously analyzes risk-factors including, geo-location, behavioural biometrics and threat intelligence, to ensure your users are who they say they are.
Business Email Compromise: A Symptom Not A Cause.pdfNiloufer Tamboly
In an era where digital communication dominates the corporate landscape, business email compromise (BEC) has emerged as a critical threat to organizational integrity and financial stability. This talk explores BEC not as an isolated phenomenon but as a symptom of broader, underlying vulnerabilities within an organization's control systems. As a cybersecurity expert, I will guide you through a comprehensive examination of the factors that contribute to BEC, demonstrating that these incidents are often preventable through more robust internal controls and heightened employee awareness.
Business email compromise is a type of cyber fraud that involves the unauthorized use of business email accounts to conduct unauthorized transfers of funds or sensitive information. Despite its simplicity, the impact of BEC can be devastating, leading to significant financial losses and eroding trust within organizations. This presentation will outline the mechanics of BEC, examine its causes, and detail the profound impact it can have on organizations.
A Simplified Guide to the Evolution of Authentication!Caroline Johnson
Modern users and customers always demand to improve the security level of their accounts and sensitive information. This applies to both individual users and businesses alike. The trend of highly targeted attacks and the potential to inflict massive damage makes everyone concerned about the safety of their login credentials and business data.
It’s vital that you consider all authentication methods available when prioritizing strong authentication systems. Ultimately, there is no one-size-fits-all solution when it comes to authentication.
What is two factor or multi-factor authenticationJack Forbes
By adding risk-based authentication as a final security layer on top of your other MFA layers, adaptive MFA avoids annoying your customers, while keeping their data safe from attacks. By using adaptive multi-factor authentication, you can relax with the assurance that your customers are happy and safe when they’re using your online services and products.
Optimize Your Zero Trust InfrastructurePing Identity
See how you can create seamless and secure experiences for your employees and customers by optimizing and adding intelligence to your Zero Trust infrastructure.
Similar to TWO FACTOR AUTHENTICATION - COMPREHENSIVE GUIDE (20)
Secure web conferencing for c level executivesCTM360
As the whole world goes into a deep and speedy phase of digital transformation, cloud, and online service, there has been an excessive reliance on web conferencing services for remote work meetings. As with all trends, cybercriminals take this as an opportunity to target this large group of individuals.
As the current pandemic crisis has scaled across the globe, the majority of the organizations have resorted to
working remotely. This opens up an organization to potential cyber threats as there is a lack of control on the
employee devices and digital environment. Cybercriminals are using the novel COVID-19 issue as a base for their
attacks, which includes spreading malware through files containing information about Coronavirus, fake news
and even scams related to masks or cures. Remote employees should be made well aware of such threats and
how to be digitally safe.
Cyber Threat Advisory: Coronavirus Related ScamsCTM360
As COVID-19 trends across media globally, this has given cybercriminals an opportunity to leverage from the hype, in turn, scamming individuals & organizations all over the world. Read our latest Cyber Threat Advisory by Kawthar Al Abdullah - Cyber Threat Analyst at CTM360®
Unlocking New Doorways to Multi-channel ScamsCTM360
CTM360 has discovered a new wave of financial attacks where cybercriminals use fake ad campaigns/pages to redirect users to fraudulent websites that have investment schemes, Bitcoin Ponzi schemes, fake survey websites, and free goods/services, etc. with the intention to steal the victim's bank account and card details. Prominent organizations, well-known personalities and members from royal families are used to market these bogus campaigns. Scammers are carrying out such fraudulent activities under the radar without being noticed or blocked by relevant authorities by pushing these scams mainly through the following two techniques:
- Doorway Pages
- Fake Ad Campaigns on Social media platforms
The Spread of Fake News - CTM360 - GI December 2017CTM360
Distribution of fake news and underlying scams have escalated to not only affect the public, but also the political and business world. Here's how to protect yourself, according to CTM360 - a cybersecurity firm from Bahrain.
Recent hacks of major international and regional banks have occurred due to exploits from the following vulnerabilities:
1. Cross-Site Scripting (XSS) vulnerability using redirects
2. Local File Inclusion (LFI) vulnerability
3. Cross-Site Request Forgery (CSRF) vulnerability
As Business Email Compromise and email domain spoofing are on the rise, it is getting exceedingly crucial that DMARC be configured correctly and comprehensively on all domains belonging to an organization.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
How world-class product teams are winning in the AI era by CEO and Founder, P...
TWO FACTOR AUTHENTICATION - COMPREHENSIVE GUIDE
1. TWO FACTOR
AUTHENTICATION
Comprehensive Guide
by Team CTM360
Featured in ‘The 14 Providers That Matter Most’
- The Forrester Research Report, Q3 2018
CTM360 - ‘Technology Company of the Year’
- MEED Awards 2018
FORRESTER
RESEARCH
2. 2 FACTOR AUTHENTICATION:
ACTIVATE IT EVERYWHERE
Most services nowadays require signup and login procedures
that are based on usernames and passwords.
Unfortunately, single-factor authentication is not enough to protect
accounts especially at the rate at which technologies are evolving, as
hackers become more sophisticated and are able to compromise accounts
in a matter of seconds. To top it all off, every year billions of usernames and
passwords are stolen and sold on dark web markets, and as a result, many
users become victims to identity theft and data loss.
Two-Factor Authentication (2FA) requires the user to enter a
password and then another verification code before he is given
access to the account.
This method keeps the account safe even after the first password has been
obtained by an unauthorized person. Once an account is compromised,
attackers can cause a lot of damage, especially to accounts used in the
workplace. This is why we strongly suggest that all accounts that support
2FA should have it enabled as soon as possible.
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 01
3. WORRYING FACTS ABOUT
TRADITIONAL SECURITY MEASURES
90%of passwords can
be cracked within
6 hours
63%of people are using the
same password for
multiple
accounts
BILLIONSof passwords are tested
every second by hackers
There has been a recent surge in Whatsapp account hijacking in the region. In most cases, this occurs through social
engineering where the victim receives a Whatsapp or IMO call and is asked to provide an SMS code which they received in
order to claim a prize. The code in the SMS is a WhatsApp phone number verification code. When acquired, this gives the
hijacker control of the account.
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 02
4. HOW ORGANIZATIONS AND
INDIVIDUALS CAN PROTECT
THEMSELVES
Using multi-factor authentication (MFA)
mechanisms, organizations, as well as
individuals, are able to get better security and
protect their environments, providing defense
from 80% of stolen credential security breaches.
This can be accomplished by using technical
controls (enforcing two-factor authentication
wherever centralized management is possible),
as well as via administrative controls (by creating
and enforcing a policy for accounts created using
business email addresses).
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 03
5. ENABLING 2FA ON
POPULAR ACCOUNTS
Using multi-factor authentication (MFA) mechanisms, organizations, as well as individuals, are able to get
better security and protect their environments, providing defense from 80% of stolen credential security
breaches.
1- Whatsapp → Settings → Account → Two-Step Verification
2- Twitter → Profile And Settings → Account → Security → Set Up Login Verification
3- Facebook → Settings → Security → Login Approvals
4- Google → Google Account → My Account → Sign-In & Security → Signing In To Google → 2-Step Verification
5- Instagram → Account → Settings → Privacy And Security → Two-Factor Authentication
6- Microsoft → Security Settings Page → Overview → Security Info → Set Up Two-Step Verification
7- Linkedin → Account → Login And Security → Add A Phone Number
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 04
6. FINANCIAL/PAYMENT ACCOUNT GUIDES
Amazon Pay - https://www.amazon.com/gp/help/customer/display.html?nodeId=201962420
PayPal - https://www.paypal.com/us/webapps/mpp/security/security-protections
Uber - https://help.uber.com/riders/article/2-step-verification
For more in-depth guides to configure 2FA on different commonly used accounts, please visit the
following links:
SOCIAL MEDIA ACCOUNT GUIDES
Facebook - https://www.facebook.com/help/148233965247823
LinkedIn - https://www.linkedin.com/help/linkedin/answer/531
YouTube - https://www.google.com/intl/en-US/landing/2step/features.html
Instagram - https://help.instagram.com/566810106808145
Google+ - https://www.google.com/intl/en-US/landing/2step/features.html
Pinterest - https://help.pinterest.com/en/article/two-factor-authentication
Snapchat - https://support.snapchat.com/en-US/article/enable-login-verification
Twitter - https://help.twitter.com/en/managing-your-account/two-factor-authentication
Tumblr - https://tumblr.zendesk.com/hc/en-us/articles/226270148-Two-factor-authentication
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 05
8. EMAIL & COMMUNICATION ACCOUNT GUIDES
WhatsApp -
https://faq.whatsapp.com/en/general/26000021
HootSuite -
https://help.hootsuite.com/hc/en-us/articles/204595950-Manage-Google-Authenticator
LastPass -
https://support.logmeininc.com/lastpass/help/manage-trusted-devices-for-multifactor-authentication-
lp030010
Slack -
https://get.slack.help/hc/en-us/articles/204509068-Enabling-two-factor-authentication
MailChimp -
https://mailchimp.com/help/set-up-a-two-factor-authentication-app-at-login/
Yahoo Mail -
https://help.yahoo.com/kb/SLN5013.html
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 07
9. DOMAIN & HOSTING ACCOUNT GUIDES
If you would like to verify if any other platforms that support 2FA, you can visit the following link for
further information and guides:
https://twofactorauth.org/
Remember that your account security does not only affect you as an individual but can also impact your
organization and everyone you communicate with. Enable 2FA on all of your accounts today and reduce
your overall digital risk.
Wordpress - https://en.support.wordpress.com/security/two-step-authentication/
GoDaddy - https://www.godaddy.com/help/enable-two-step-verification-7502
eNom - https://www.enom.com/kb/kb/kb_1687-setup-2-factor.htm
Nominet - https://registrars.nominet.uk/sites/default/files/two_factor_authentication_userguide.pdf
Joomla - https://docs.joomla.org/J3.x:Two_Factor_Authentication
CloudFlare - https://support.cloudflare.com/hc/en-us/articles/200167866-How-do-I-set-up-two-
factor-authentication
DigiCert - https://www.digicert.com/two-factor-authentication.htm
SSLTrust - https://www.ssltrust.com.au/help/account-management/enable-2factor
TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 08TWO FACTOR AUTHENTICATION : COMPREHENSIVE GUIDE BY CTM360® | 08
11. CONTACT US:
6th floor,
Citibank House,
Seef District,
Kingdom of Bahrain
+973 77 360 360
info@ctm360.com
www.ctm360.com
Featured in ‘The 14 Providers That Matter Most’
- The Forrester Research Report, Q3 2018
CTM360 - ‘Technology Company of the Year’
- MEED Awards 2018
FORRESTER
RESEARCH