Aplicații

E-mail 986 Solutii

How to Turn on Two-Factor Authentication for LinkedIn

LinkedIn Logo

Two-factor authentication (2FA) is a great security tool, and we always recommend it. Most apps make it pretty easy to turn on 2FA, and LinkedIn is no exception. Here’s how to enable it and make yourself safer.

You can turn on two-factor authentication from either the LinkedIn website or the mobile app, but either way, you’ll need to be logged in to your LinkedIn account. Go ahead and do this first.

Click on your avatar in the top-right corner of the LinkedIn website. In the menu that opens, click the “Settings & Privacy” option.

The "Settings & Privacy" menu option.

Click on the Account tab, scroll down to the “Two-Step Verification” section, and then click the “Change” link.

The Account tab, and the "Two-step verification" option.

The section will expand. Click the “Turn On” button.

The "Two-step verification" option with "Turn on" highlighted.

You can choose whether to use an authenticator app to generate a code for you or to receive SMS (text) messages with the code. We strongly recommend using an authenticator app as it’s more secure, but two-factor authentication using SMS is still much safer than not using two-factor authentication at all.

Choose your method—we’re going to use an authenticator app—and then click the “Continue” button.

The verification method dropdown.

Enter your password in the prompt that appears and then click “Done.”

The Password entry field and the Done button.

The instructions for adding an account to your authenticator app are displayed. Add a new account in your authenticator app, scan the QR code using your phone’s camera, and once the account is created, enter the six-digit code from the authenticator app into the text box in LinkedIn and click “Continue.”

LinkedIn's instructions for adding the account to an authenticator app.

Two-factor authentication is now turned on. Click on “Recovery Codes” to display the backup codes, so you can still get in if you ever lose your phone.

The "Two-step verification" settings, with "recovery codes" highlighted.

Click “Copy Codes” and save them somewhere secure. You’ll need them to get into your LinkedIn account if you ever lose or wipe your phone.

The recovery codes, with "Copy codes" highlighted.

Now that you’ve turned on two-factor authentication, you’ll need to log in again through any other devices you use, such as your phone.

Turn on Two-Factor Authentication in the LinkedIn App

Turning on two-factor authentication in the mobile app is the same on the iPhone, iPad, and Android. Open the app and tap your profile picture.

LinkedIn's Profile button.

Then select the “View Profile” link.

The "View Profile" option.

Tap on the Settings gear in the top-right corner.

The Settings cog.

Open the “Privacy” tab, scroll down, and then tap “Two-Step Verification.”

The Privacy tab, with the "Two-step verification" option highighted.

Select the “Set Up” button.

The two-step verification "Set up" button.

You can choose whether to use an authenticator app to generate a code for you or to receive SMS (text) messages with the code. We strongly recommend using an authenticator app as it’s more secure, but two-factor authentication using SMS is still much safer than not using two-factor authentication at all.

Choose your method—we’re going to use an authenticator app—and tap “Continue.”

The verification method dropdown.

Enter your password in the prompt that appears and then tap the “Submit” button.

The Password entry field and the Submit button.

The instructions for adding an account to your authenticator app are displayed. Add a new account in your authenticator app and then tap “Continue.”

LinkedIn's instructions for adding the account to an authenticator app.

Enter the six-digit code from the authenticator app into the text box in LinkedIn and tap “Verify.”

The entry field for the verification code.

Two-factor authentication is now turned on. You won’t have to enter the two-factor code on your phone, although you will have to enter it if you access LinkedIn on any other device.

Tap the “Recovery Codes” link to display the backup codes, so you can still get in if you ever lose your phone.

The "Two-step verification" settings, with "recovery codes" highlighted.

Tap “Copy Codes” and save them somewhere secure. You’ll need them to get into your LinkedIn account if you ever lose or wipe your phone.

The recovery codes, with "Copy Codes" highlighted.

Now that you’ve turned on two-factor authentication, you’ll need to log in again on any other devices you own using the two-factor code.

[mai mult...]

How a Password Manager Protects You From Phishing Scams

Password managers make it easy to use strong, unique passwords everywhere. That’s one significant benefit to using them, but there’s another: Your password manager helps protect you from imposter websites trying to “phish” your password.

What Is Phishing, and How Does It Work?

Phishing is designed to trick you into giving your password or other information to an imposter.

For example, let’s say you get an email claiming to be from your bank. The email says your account may be compromised, and you should click this link to take action. You click the link in the email and end up on a site that looks just like your bank’s real website. In a rush to secure your account, you type your password and possibly other details like your credit card number. Boom, you’ve been phished. The attacker now has your bank account’s username and password, as well as any other information you provided. That wasn’t your bank’s real website. You got an email from a scammer.

Security professionals recommend against clicking links in emails like this. Instead, go to your bank account’s website directly and sign in. Similarly, if someone claiming to be from your bank calls you on the phone, it’s a good idea to hang up and call your bank’s customer service number directly to see if the call is legitimate.

You could end up on a phishing site in many other ways. Maybe you click a link to buy something on the web and end up at what looks like Amazon.com or another legitimate store, for example. Perhaps you click a link to email someone and end up on what appears to be a Google login screen for your Gmail account.

It’s All in the URL

There’s one thing you can do to spot phishing sites: Examine the URL, which is the address of the web page. For example, if you bank with Chase, you’d look to verify you were on chase.com. But phishing sites could be clever—for example, a phishing site might use the domain “secure.chase.com.example.com/onlinebanking/login”.

If you understand URLs, you’ll realize that that particular URL is actually hosted on “example.com” and not “chase.com”.

Similarly, some phishing websites will use characters that look similar to other characters. It’s all part of making the URL look similar to the real one. After all, many people likely don’t examine the URL at all. Even people who do may just be trained to look for something like “chase.com.” Not everyone understands how to decode that line of text.

How a Password Manager Helps Protect You

If you use a password manager, you have additional protection. This is true as long as your password manager can automatically fill your credentials, whether it’s 1Password, LastPass, Dashlane, Bitwarden, or even the password-saving feature built right into your web browser.

If you save a login for a website like Chase.com or Amazon.com, your password manager will remember it and offer to automatically fill it in for you when you’re on Chase.com or Amazon.com. If you end up on a different website, your password manager won’t offer to enter your credentials—after all, you’re on a different website. Your password manager doesn’t fall for the disguised URL.

This protection isn’t fancy, and you won’t see a big red “warning” message pop up. But you will quickly notice that wait a minute; your password manager isn’t offering to sign you in on this website. Why is that? Once you’ve noticed something is amiss, you might quickly discover you’re not on the website you thought you were on.

Peace of Mind When Logging In

Your password manager doesn’t just make it faster to enter your credentials while browsing the web. It gives you peace of mind while it goes about its job.

If you’re signing into your email online, you don’t need to double-check the domain before typing your username and password. You know that, if your password manager is offering to fill your credentials automatically, it’s already checked that the domain is a match with the one saved in your database.

This Works on Smartphones, Too

Of course, the same features are available when you use a password manager on a mobile device like an iPhone, iPad, or Android phone. Use your password manager to enter credentials, and you’ll be protected from phishing on the mobile web, too.

[mai mult...]

How to Set a Password Expiration Date in Windows 10

To maintain your cybersecurity, it’s a good idea to change your computer’s password every once in a while. Windows 10 makes this easier because you can set a password expiration date.

The steps to do this vary, depending on whether you use a local or Microsoft account to log in to your Windows PC, so we’ll look at the process for both.

Set a Password Expiration Date for Your Microsoft Account

On Windows 10, you might have noticed that Microsoft wants you to use a linked Microsoft account to sign in instead of a local account.

You can set a password expiration date for your Microsoft account online. You will then be prompted to reset your password every 72 days. You have to set a new password before you can enable (or disable) this setting.

To do that, head to the Microsoft account security area and sign in. In the “Change Password” section at the top, click “Change.”

Click "Change" in the "Change Password" section.

You’re prompted to provide your existing password, as well as a new one (you can’t reuse your existing one, so type a new, secure password instead).

RELATED: How to Create a Strong Password (and Remember It)

Because you want to set a password expiration date, click the box next to “Make Me Change My Password Every 72 Days” to enable this feature.

Click “Save” to apply your new password and expiration date.

Type your current password, type a new password, click the checkbox next to "Make Me Change My Password Every 72 Days," and then click "Save."

If the change was successful, you’re redirected back to the Microsoft account security page. Sign in and out of Windows to use your new password.

The password for your Microsoft account will expire after 72 days, and you’ll be prompted to change it after your next sign in.

Set a Password Expiration Date for Your Local Account

If you use a local account on your PC rather than a Microsoft one, you can still set an expiration date for your password.

Enable Password Expiration

First, you have to disable a setting that prevents your password from ever expiring.

To do this, press Windows+R keys to open the “Run” launch box. Type netplwiz , and then click “OK” to open your user account settings.

Type "netplwiz," and then click "OK."

In the “Advanced” tab, click “Advanced” to open the “Advanced User Management” tool.

Click "Advanced," and then click "Advanced."

Here, click “Users” in the menu on the left, and then right-click your user account. Click “Properties” to enter the advanced user settings for your local user account.

Click "Users, and then click "Properties."

In the “Properties” menu, uncheck the “Password Never Expires” option, and then click “OK.”

Uncheck the "Password Never Expires" option, and then click "OK."

Set the Maximum Password Age via Local Group Policy Editor

You now need to set the maximum password age for your password. Unlike a Microsoft account, you can set the password for your local account to expire at any time you want.

The default on Windows 10 is 42 days. If you want to leave it this length, you can continue using your PC as normal. When it’s time to reset your password, you’ll be prompted to change it.

If your machine runs Windows 10 Pro, Education, or Enterprise, press Windows+R to open the “Run” launch box. Here, type gpedit.msc, and then click “OK” to open the Local Group Policy Editor.

(If your computer runs Windows 10 Home, follow the instructions in the next section instead.)

Type "gpedit.msc," and then click "OK."

In the menu on the left, navigate to Computer Configuration>Windows Settings>Security Settings>Account Policies>Password Policy, and double-click “Maximum Password Age.”

Double-click "Maximum Password Age."

Change the value from “42” to your preferred length of days, and then click “OK” to save the setting.

Set the maximum password age, and then click "OK."

The expiration date for local accounts on your PC is now set to your preferred length. After this period has elapsed, Windows will prompt you to reset your password.

Set the Maximum Password Age via Windows PowerShell

If your computer runs Windows 10 Home, you have to use the PowerShell or command prompt to set the maximum password age. You can also use this as an alternative to the Local Group Policy Editor process on Windows 10 Pro, Enterprise, and Education.

To get started, right-click the Start menu, and then click “Windows PowerShell (Admin)” or “Command Prompt (Admin),” depending on your version of Windows.

Click "Windows PowerShell (Admin)."

In the PowerShell window, type net accounts to find the existing maximum password age for your accounts.

If you want to change the figure from the default 42 days, type net accounts /maxpwage:00 and replace “00” with the length of time (in days) you want to use.

A password expiration age changed in Windows PowerShell.

The maximum password age you chose is applied to all local accounts on your PC.

[mai mult...]