Two-factor authentication and dynamic IP updates Two-factor authentication...

Two-factor authentication and dynamic IP updates

DDNS   DEREK MANNING   1 COMMENTS

At Dynu, we strive to provide you with the necessary tools to keep your account secure. Two-factor authentication (or 2FA) is the best way to ensure security and has been available for your use for many years now. Without two-factor authentication, should your account password be compromised, your account could be subject to unauthorized access and you may lose your domain name, emails, etc.

1
What is two-factor authentication?

Two-factor authentication (also known as 2FA) provides a more secure login process because when you (or anyone) attempts to log into your account, you'll have to have two pieces of information ready:

  • the account password
  • a one-time authorization code generated by a mobile application or an SMS text message.

  • This is like withdrawing cash from the AMT machine at the bank, which requires both a debit card and a personal identification number (PIN). The difference here is that you'll have to use a different authentication code every time you sign in, because an authentication code expires within a certain period of time. The idea is that you’re more secure if somebody needs both your password and the physical phone to get access to your accounts.

    Two-factor authentication
    2
    How to enable two-factor authentication?

    Log into the Control Panel and go to My Account area. Click the Two Factor Authentication link and you will be shown instructions on how to set it up.

    3
    2FA does not affect your DDNS updates

    Many customers are hesitant to turn on two-factor authentication for fear that their configuration for IP updates may be affected. Two-factor authentication is set up on the account level and will only be requested when you try to log into our website, so enabling it does not affect your IP updates. We have separate security tools for IP updates such as a separate IP Update Password for the entire account and group passwords for a list of selected domains.

    4
    No worries even if you lose your 2FA device

    Two-factor authentication isn't bulletproof, but it is a decent extra layer of protection that makes you a smaller target for cybercriminals. If attackers cannot use a password alone to access your account without your second factor, you won’t be able to either. You may be unable to recover your second factor if the phone with your authenticator app, is lost, stolen, or broken. We considered these factors when building the 2FA feature and provide you with a dozen of one-time backup codes to avoid getting locked out of your account. If the worst-case scenario happens that you also lose the one-time backup codes, you can open a support ticket and our agents will help verify your identity by asking your questions about your account and requesting identity proof, etc.

    We promise that you will never be locked out of your account by turning on 2FA! On the contrary, by not turning on 2FA, you risk losing your account to malicious hackers. Give us a shout if you have any concerns!






    epierce
    August 28, 2024 AT 15:23

    TOTP is always a nice start, but do you have any plans to support FIDO2 or WebAuthn? I've got a pair of Yubikeys sitting around just begging to be used for even stronger 2fa.

    Reply



    *
    * (Your email address will not be published.)
    Loading...