How to prevent password theft thanks to TOTP and 2FA access

by
September 12, 2024
Share
The passwords we created in the past to sign up for all kinds of websites remain the first line of defence to protect our accounts, and sometimes the only one. It was logical not to give much thought to what we were writing in the box at the time (it was probably something easy to remember). We were curious and impatient to register as quickly as possible in order to enjoy what the website had to offer. 
But a long time has gone by since then, and we can’t remember many of those passwords. This period has also served as an apprenticeship for cybercriminals, enabling them to perfect their password-stealing technique. So now, more than ever before, it’s time to learn how to stop implementing passwords that may be targeted by threats. 

Tips to avoid having your digital identity passwords stolen 

You may have already created your passwords, but you’re sufficiently aware of the need to protect them, albeit externally. Good news: you can still do so. 

Enabling two-factor authentication (2FA) 

You can enable two-factor authentication (2FA) on numerous websites. If you enable it, you’ll have a second line of protection for your credentials and accounts, with a code sent to your mobile phone in addition to your existing password. 

Activating the login detector with TOTP codes 

You may have already heard of OTPs (one-time passwords) and their benefits; once you use them, you can’t use them again. They serve as a complement to your usual password, but you can’t log in without them. Even if someone knows your password, it won’t be of any use to them without this security code. This renders the passwords useless for cybercriminals and hinders their activity. 
TOTP codes go one step further. They’re time-based one-time passwords. They’re still a form of authentication, but the codes that are generated change every 30 seconds, regardless of whether you’ve entered them or not. Hackers won’t just have to find your password and crack the OTP code, they’ll also be restricted by time. 

Subscribe to our newsletter!

Find out about our offers and news before anyone else

Using these codes is the best solution for preventing password theft and living with peace of mind, in the knowledge that you’re doing everything you can to keep your passwords secure. We’re well aware of this at TU, which is why we’ve incorporated this code generation feature into our Latch product, the an authorization control platform that protects your accounts. As a result of the above, you’ll easily be able to incorporate the TOTP codes, as well as all the functions that Latch provides in the services and applications that are compatible with it. 

Using password managers 

The use of password managers is becoming very popular. All you have to do is download an application in which you can not only create future passwords, but also store your existing ones and manage them securely. It also includes features such as auto-complete, enabling you to automatically fill in your credentials when you log into websites, and synchronisation, allowing you to access them via any device. 

Updating your software 

Although it may not seem to be of much use in preventing password theft, updating your software is one way of contributing to your protection. If you update your mobile phone and/or computer to their latest versions, you’ll be able to fix any potential bugs that are in them while being impossible to intercept. 

Tips for creating strong passwords 

When it comes to creating your password, there are some precautionary measures you can take. Many websites have already built in these tips, several of them in a mandatory fashion; they won’t let you continue until your password meets certain requirements. 
  • It must contain at least 12 characters. If it has more than 14, so much the better. 
  • Use upper case, lower case, combinations of letters, numbers and symbols. 
  • Don’t use existing words in other words; ensure that the password can’t be read as such and that the combination of letters is random
  • Don’t include any personal data such as your name or date of birth. 
While these tips may seem a bit over the top, unnecessary or even a nuisance, they’re the basis for a secure password. Another tip is to avoid reusing passwords in the event of information leaks. Cybercriminals won’t hesitate to try using the same password on other websites you’ve signed up for. 
Latch will help you to keep your digital life and passwords secure. 
Graduada en el Doble Grado de Ingeniería en Diseño Industrial y Desarrollo de Producto + Ingeniería Mecánica. Soy una persona muy organizada, pero con una mente muy creativa. Trabajo en el equipo de Product Marketing CDO en Telefónica Innovación Digital aprendiendo todo lo que puedo.

More posts of interest