Blog Feed

2FA Security Flaws You Should Know About

Posted by on 14:07 in R&D | 0 comments


Hackers are not lazy and they evolve fast, so relying on old security measures is a terrible idea. Today we will look into how secure two-factor authentication is in general, what methods are used to hack 2FA, and up-to-date ways to protect yourself against those account hacks. Finally, you will get answers to the most frequently asked questions on 2FA security.

How secure is two-factor authentication? Is two-factor authentication safe?

All accounts (email, apps, online stores, etc.) are protected with a user password; it has been done that way for ages. Unfortunately, passwords like “123456”, “qwerty” and “password” have been the most used ones for ages too. They still are, however mind-boggling that is.

Two-factor authentication adds a second layer to the common user password protection. The second security factor can be either something you have (your cellphone or hardware OTP token) or something you are (your fingerprint). In addition to something you know (the password), it creates another way for the server to confirm you are who you say you are.

So an account protected with two-factor authentication is much harder to hack into, even if the user password is easy to compromise. The strengths of one factor offset the vulnerability of the other.

But is two-factor authentication hackable? It is if you let it. Let’s take a look at how.

How would hackers bypass a two-factor authentication system?

1. Real-time phishing

2FA was created to fight against phishing as a login weakness. Lo and behold, the hackers came up with a new two-factor authentication hack: real-time phishing. A fake website that looks exactly like its legitimate counterpart is set up. Then the hacker sends the target an email prompting them to log in for whatever reason (account expiration, some action that needs to be taken, etc.). The user goes to the login page, which looks and works exactly like the one the user expects to see, and logs in using their user password. Then the fake website asks for the second factor, just like the legitimate one would. The user complies and enters the OTP (one-time password), and the phishing website captures both passwords. In the background, the hacker has a few seconds to use the combination to get into the real account.

2. Social engineering

This is a popular social engineering scheme: a criminal impersonates the target’s bank or a service provider (there have been incidents when a crook even impersonated a law enforcement agent) and tricks the user into disclosing the OTP. However many warnings are issued, and however often account providers tell their customers never to trust such calls, social engineering attacks are still very successful.

3. Man-in-the-middle and man-in-the-browser attacks

A man-in-the-middle attack implies that the hacker inserts himself in the middle of the two systems’ communication. This can be done with a fraudulent cryptographic certificate, by inserting fake root certificates into the target’s browser database of trusted certificates, or by compromising a root certificate authority listed in the database. As a result, two connections are created, client-attacker and attacker-server, instead of a single client-server one. Once the connection is intercepted, the hacker can read and modify the transactions done via the connection.

A man-in-the-browser attack uses a Trojan horse to intercept and manipulate the transactions...


How to Protect Yourself From Email Hacking

Posted by on 19:57 in R&D | 3 comments


We have almost stopped writing paper letters, those on crisp brand-new sheets. The lion’s share of correspondence is now sent by email, and often it is not even personal correspondence. For personal purposes, we have various messengers and can have an interactive dialogue. Usually, emails are used for sending business letters, which contain sensitive information. Thus, email data protection is extremely important, and you should know how to protect yourself from email hacking.

Forewarned Is Forearmed: How Email Hacking Is Usually Performed

By the phone number. If your phone number is connected to your email account, and a hacker knows it, the following scheme can be used. The hacker contacts the mail service to reset the password and specifies the real user’s phone. The mail service sends a code to this phone number to confirm the password change. The hacker, in turn, sends an SMS as if on behalf of the mail service, requesting this code. If the account owner does not notice the difference in the addresses of the two SMS senders, the hacker will get the one-time password and use it for their own purposes.

Using a Trojan virus. One of the most convenient ways of email hacking is to install a Trojan virus on a victim’s computer. The malware is usually sent in the form of a link in an email. The only difficulty is to convince the user to follow this link. Since only the most naive people now fall for the freebies that were so popular previously, the hackers had to change their attack style. Now, the virus-infected email may look like a letter from the bank or internet provider, with seals, logos, and an offer to download a file with new rules or to install client-bank software. Trojans are constantly being improved. Unfortunately, antivirus software cannot detect all of them.

By getting physical access to the victim’s computer. Given an opportunity to be alone with the victim’s computer for at least a short time, the hacker can install a keylogger or a password recovery program. In the first case, special keylogger hardware or software will record everything the user types (including passwords), and then the logs are emailed to the hacker’s address. With the help of password recovery tools (which generally are not detected by antivirus software), the ready-made data can be received immediately. There is a simpler version of email hacking that does not even need special programs: the attacker just copies the Cookies directory and analyzes it with a password search tool. However, this can only work if passwords are stored in the browser. And this is exactly what the vast majority of users do.

Using social engineering. The hacking of CIA director Brennan’s email account has become one of the most high-profile recent scandals. It is surprising that the email of the head of the intelligence agency was hacked by a teenager who had no deep technical knowledge. The young hacker contacted the mobile operator, introduced himself as a technical support employee and found out all of Brennan’s personal information he needed. Then he called the email service’s customer support on behalf of the account owner and asked for password recovery. Since the necessary information (account number, phone number, PIN-code, etc.) had been already received...


How to Secure Bitcoin Wallet

Posted by on 14:40 in R&D | 2 comments


A couple of years ago Bitcoin made quite a stir all across the mainstream media when the price skyrocketed. People who had never even heard about blockchain, cryptocurrencies or Bitcoin wallets suddenly started looking into buying some. That’s when more and more horror stories from people who lost all their assets due to a lost password or stolen keys started to appear in the mainstream press, like the Guardian. Though we’ve all been reading such horror stories on Reddit for years before that.

I remember reading this article back then; the guy described in every excruciating detail how he forgot his PIN and tried to get access to his money for almost a year. I clearly remember thinking when I finished reading: “I wouldn’t want to live through something like that”. Yes, investing in a bit of cryptocurrency seems to make sense, but the risk is too high, it’s too easy to lose all my investment. Or is it?

Luckily, I have done the research and know precisely how to protect my investments. And today I’m going to share that knowledge with you. Read on to find out how a BTC wallet works, what Bitcoin wallet types are available, and most importantly, how to secure a Bitcoin wallet to get yourself a safe wallet and thus never have to publish your own horror story on Reddit.

Here is a table of contents for your convenience:

How does a Bitcoin wallet work
What are the types of cryptocurrency wallets
Hot cryptocurrency wallets
  1. Web wallets / online wallets / cryptocurrency exchanges
  2. Mobile wallets
  3. Desktop wallets & Bitcoin clients
Cold cryptocurrency wallets
  1. Paper wallets
  2. Hardware wallets
How to protect hot cryptocurrency wallet
  1. Keep only a small amount of Bitcoins in your wallet
  2. Use two-factor authentication
  3. Encrypt your wallet
  4. Backup your wallet!
  5. Keep your Bitcoin Software up to date but turn off auto-updates
  6. Use multi-signature to protect against theft
  7. Think about the future
  8. A few more security tips
How to protect cold cryptocurrency wallet
Final word
Read more

How does a Bitcoin wallet work

For the purpose of not making this post as long as the Song of Ice and Fire saga, we assume that you already have an understanding of blockchain, Bitcoin and how it works.

Now, let’s take a look at a cryptocurrency wallet. Unlike a physical purse, it does not actually store any coins. All the cryptocurrency is recorded in the blockchain, which in turn is stored on thousands of node computers across the world.

What the wallet does contain are the Bitcoin address, public key and private key, which combined give the wallet’s owner permission to use the coins associated with it.

Every Bitcoin address is unique; there are no two identical addresses. It looks like a string of random characters (both numerical and alphabetical, upper and lower case). Think about the Bitcoin address as a bank account number. Just like you’d do with a bank account, if you want someone to pay you, you simply give them a wallet receiving address. One Bitcoin wallet can have an unlimited number of receiving addresses, generated by the public key assigned to it.

The public and private keys are...


Keylogger Definition, Detection, and Protection

Posted by on 15:06 in R&D | 0 comments


There are hundreds, if not thousands, of types of malware spread online. Out of them all, keyloggers can legitimately be considered the worst. We are not being dramatic here. If you get infected with a keylogger virus, you basically show the hackers everything typed on the keyboard. Passwords, credit card credentials, messages, everything you search for: all of it gets exposed and is easily stolen.

Read on to learn:

the keystroke logging definition,
types of this malware you can come across,
how keylogger software is spread,
ways to check for a keylogger,
ways to protect yourself from all the types of keyloggers and spyware.

Keylogger definition

A key logger, or keystroke logger, also called a system monitor, is a perfectly legal surveillance technology. When installed with your own hands on your own computer or smartphone, that is. Corporations commonly use this tool to track and troubleshoot tech issues and surreptitiously monitor their employees. Parents can use this software to monitor the ways their kids use the Internet too. There are known episodes when governments used the technology to collect and analyse info for crime solving.

So what is keystroke logging? As the name suggests, keylogging is the process of recording every key pressed on a keyboard (both desktop and mobile). Keystroke logging technology allows for gathering info on login credentials, web browsing, basically everything that involves typing, and then sending the collected info, often encrypted, to a server, where it can be decrypted and read.

Read also: How Does Brute Force Attack Work

Types of keyloggers

There are two ways to divide all the keyloggers into types. The first one takes into consideration the way the recording is performed. With this approach, all keylogging can roughly be divided into the following types:

Form-grabbing
Memory-injection
API-based
Kernel-based
Hypervisor-based

The second approach divides them into software and hardware ones, and it’s much easier to understand.

Hardware keyloggers

As the name suggests, hardware keyloggers are physical devices. These devices can be either inconspicuous-looking plug-in types that are inserted into the keyboard port, or modules embedded into the keyboard or the internal computer hardware. Either way, the criminals will have to gain access to the victim’s computer to plant the device, and again to collect it to read the info later, since most of these devices do not transmit the gathered information back to the hackers.

Software keyloggers

Software keylogging is much easier to do. There’s no need to install a physical device, so no need to break into an actual office or home. All the criminals have to do is infect the victim’s computer, which is much easier done than you might think.

Unlike a lot of other malware, keylogging software is not harmful to the infected systems. Its whole point is to stay hidden, operate under the radar, and silently and continuously send logs of every action done with the keyboard back to the hacker.

The most commonly used software keylogger is memory-injection software. This is essentially a Trojan virus altering the system memory to bypass security. Another popular kind of software records every form submitted online from the infected computer. So if you submit a form to create, say, a bank account, the hacker will know every piece of data you submitted.

Read also: Social Engineering: What It Is and Why It Works...


How Does Brute Force Attack Work

Posted by on 16:03 in R&D | 0 comments


The brute force attack is one of the oldest hacking methods, yet still one of the most popular and most successful ones. With computers and technologies evolving as fast as they are, brute force attacks are now fairly easy to run and more difficult to protect against.

Brute force attack definition

So, what is brute force exactly? The brute force definition can be given as follows: it is a type of cryptanalytic attack that uses a simple trial-and-error, or guessing, method. In other words, a criminal gains access to a user’s account by guessing the login credentials.

Sometimes, brute force attacks are still done by hand, meaning that there’s an actual person sitting in some basement and playing a guessing game with your credentials. But, more often than not these days, the hackers use a brute force algorithm, or brute force password cracker, which is, basically, a bot that submits endless variations of username/password combinations and notifies the hacker when it gets in.

What is a brute force attack, with examples

Brute force has been around ever since coding was invented. Naturally, the public has been informed about some high-profile attacks over the years. Though we can safely assume we do not know about a lot of the past and ongoing break-ins.

The most well-known brute force examples are:

the 2016 Alibaba attack, when millions of accounts were affected;
the 2018 Magento break-in that resulted in a thousand admin panels compromised;
another rather recent example occurred in Northern Ireland, where several accounts of parliament members were compromised;
and our favorite: in early 2018 it turned out that the Firefox master password is very easy to crack with brute force, which means millions of user accounts might have been compromised over the years it’s been widely used.

So, how does a brute force attack work exactly?

As we’ve already established, brute force hacking implies that someone is trying numerous combinations of username and password, again and again, until they gain the desired access.

So let’s say a username is as simple as “admin” and doesn’t take too much effort to guess (we bet that’s the first one any hacker tries).

The password is a whole other story. Usually, a password requires at least 8 alphanumeric characters. There are 26 letters, if the password is lowercase and letters only (which it rarely is), so it makes for 26 possibilities for one character of the password. We can double that, because most passwords are case-sensitive. So it makes 52 possibilities for one character of a password. Add to that 10 digits and, for example, 5 special characters, and you get 67 possibilities per character, which makes roughly 406 trillion combinations for the whole 8-character alphanumeric password.

Read also: How to Choose and Use Strong Passwords

How fast can a password be cracked

How long does a brute force attack take? We have 406 trillion combinations. Seems like it will take centuries to crack, right? The answer is yes, if the bot attempts a thousand combinations per second.

But the technologies evolve, remember? So, taking that into consideration, how fast can a random password be cracked? There are computers that can do a hundred billion guesses per second and get the correct password in a few hours. There are even super...


SMS Authentication: All Pros and Cons Explained

Posted by on 18:59 in R&D | 0 comments


It’s delightful to see that more and more websites, apps and services employ MFA and even make this type of log-in protection a mandatory feature. What makes us a bit concerned is that a huge portion of those websites still opt for SMS 2FA, despite the fact that SMS verification has too many limitations and has been proven to be a lot less secure than any other two-factor authentication method. In fact, NIST (the National Institute of Standards and Technology) issued a recommendation to replace SMS authentication with other types of MFA back in 2016.

We do believe that SMS protection is way better than no protection at all. But is SMS secure? If it’s not, why do so many companies continue to use it? Is SMS two-factor authentication really as evil as they say it is? What can it be replaced with? Let’s find out!

SMS Authentication Pros

SMS two-factor authentication is still alive and thriving partly because of SMS ubiquity. It is a standard feature of most mobile plans from basically every mobile operator all over the world. Even if a user has no smartphone, they most probably have a simple mobile phone, which supports SMS.

It is easy. There’s no need to download any apps, scan any QR codes, etc. SMS has been around for quite a while (the first SMS was sent back in 1992), even my grandmother knows how to use it, and she’s 90. So if you’ve got a non-tech-savvy user, you can bet they will be able to use an SMS authentication code, while a more advanced MFA type might become an issue.

Finally, if someone tries to breach your account, an SMS code will be delivered no matter what. Some MFA apps, for instance, might malfunction in this scenario if there’s no Internet access. And with two-factor authentication by SMS you’ll know for sure something’s not right. Unless, of course, it’s a spoofed SMS, or you are not the one receiving the verification password. And that’s where we come to the cons of SMS MFA.

SMS Authentication Cons

As a number of infamous data breach scandals have shown over the last couple of years, breaking into an SMS-protected account is not that hard for an average crook, and very easy for a well-equipped and motivated one.

The well-known Twitter break-in was done by impersonating the victim and convincing the provider company to transfer the victim’s text messages to the perpetrator’s SIM card. This is rather easy to do, especially if the criminals know some other bit of information about you, your social security number for example.

A similar way to intercept your SMS one-time passwords is again by impersonating you, but this time requesting your telecom service provider to transfer the service to a different carrier. The criminals simply set up with another provider and carry on with their crime.

Most SMS-based MFA systems offer a recovery option in case a user loses their phone or changes the number. If the hacker has access to your email, they can reset the 2FA system and use a fake phone number for verification, and you won’t even notice until it’s too late.

If you are still wondering how secure SMS is, just consider the following. All the telecom infrastructure around the world relies on...


PayPal Two-Factor Authentication with Hardware Security Key

Posted by on 14:25 in Protectimus Products, Setup Guides | 2 comments


PayPal two-factor authentication became available to users back in 2007. Everybody wishing to protect their PayPal login could order a $5 security token directly from their account. Unfortunately, the company later discontinued the use of its own hardware tokens in favor of SMS-based authentication, decreasing PayPal security considerably.

But the situation with PayPal two-factor authentication is changing once again, this time for the better:

Since 2018, you can use MFA applications to log into PayPal (Google Authenticator, Protectimus Smart, etc.).
As MFA apps are available, it’s also possible to use hardware security keys again. There’s just one catch: only programmable tokens will work for PayPal two-factor authentication.

How do I enable PayPal 2FA?

Step 1
To activate two-factor authentication in PayPal, sign in to your account and navigate to the settings menu.

Step 2
Choose the Security tab.

Step 3
In the “2-step verification” section, click Set Up.

Step 4
At this point, you’ll need to choose one of the available two-factor authentication methods: SMS or MFA application. Programmable hardware tokens can be linked with PayPal as MFA applications.

SMS. When you choose SMS authentication, you’ll need to provide a real phone number. You’ll instantly receive a message containing a PayPal security code to confirm the number is correct. We don’t recommend using SMS if you’re able to set up a 2FA app instead or order a hardware token for use with PayPal.

2FA app. Choose this option if you want to link an in-app PayPal authenticator, or the Protectimus Slim NFC, a programmable PayPal security key.

Step 5
If you haven’t already installed a one-time password generator app, install the free app Protectimus SMART OTP or any other two-factor authentication app.

If you want to use a hardware security token, you’ll need to already have one at this point. It must be a programmable TOTP token: Protectimus Slim NFC or a similar one. The process to link a programmable hardware token to PayPal is no different from the process of linking a two-factor authentication app. To set up the token, you’ll need an Android smartphone that supports NFC.

At this point, you’ll see a QR code containing the secret key. Scan this secret key using a two-factor authentication app, or using the Protectimus TOTP Burner app if you’re linking a Protectimus Slim NFC hardware PayPal security key. If you aren’t able to scan the QR code, you can input the secret key manually. You’ll find detailed instructions for programming the secret key into the Protectimus Slim NFC token here.

Step 6
To finish setting up PayPal two-factor authentication, generate a one-time password with your token and enter it in the provided field.

Step 7
Create a backup token. If you lose access to your current token, you can restore access to PayPal with your backup token. Remember that if you choose SMS authentication for backup, your PayPal account login will be less secure, even if you linked a hardware security key in the previous step. The best option is to use a hardware token as your main means of authentication and a 2FA PayPal app as a backup, or the other way around.

Read also: How to Backup Google Authenticator or Transfer It to a New Phone

What’s the best option...


How to Get Protected from RFID Credit Card Fraud

Posted by on 15:03 in Industry News | 0 comments


Remote theft of money from bank cards embedded with RFID chips, also called RFID credit card fraud, is quite common in all countries where people use RFID cards, especially in the US and Europe. Let’s try to figure out how this happens and what you should do to protect yourself from such attacks.

RFID technology simplifies the process of cashless payments and is used by the international payment systems MasterCard (PayPass) and Visa (PayWave). The convenience of such cards is that when making a purchase for an amount not exceeding a bank-specified limit (in the EU – 25 euros, in the U.S. – $15, in the U.K. – 20 pounds, in Russia – 1000 rubles), the owner doesn’t have to enter the PIN-code or leave a signature on the check.

The crooks’ scenario is similar to that of car hijackers. Their task is to get closer, wait for the right moment and seize the necessary data promptly, whether it’s an intercepted signal of an electric lock or RFID credit card data.

To steal money from bank cards remotely, the crooks use improvised contactless readers, which work similarly to a PoS terminal (a legal RFID reader), but are much more functional. To obtain the necessary information, the hackers need to bring this reader within 5-20 centimeters of the card. The data obtained this way is either saved or transmitted to counterfeit cards for future use.

Even if the card with an RFID chip is PIN-protected, its number and expiration date are enough for illegal transactions or even creation of a counterfeit magnetic stripe of the card.

It follows that even if your wallet with credit cards is securely hidden from prying eyes and hands deep in a pocket or handbag, you can still ‘get robbed’ on public transport, in a street crowd, or even at a cash register at a supermarket. Any owner of a card with contactless payment technology can be attacked.

Read also: The Most Common Ways of Credit Card Fraud

How to get protected against RFID credit card fraud?

There are not so many ways to protect yourself from RFID credit card fraud:

Data protection experts advise using special bags and wallets with insulation.
It is also possible to complicate the task for the hacker by putting a few credit cards in one place.
Moreover, a few years ago the clothing manufacturer Betabrand and the anti-virus company Symantec cooperated to design jeans and blazers with pockets made using a special silver RFID-blocking material that prevents the scanner’s signal from passing through. The Ready Jeans, with front and back left pockets ‘under the Norton protection’, cost $168 and enjoy great popularity in the U.S. The Work-it jacket, at a cost of $198, is a little less popular than the jeans, but only because jeans are a more unique garment than the expensive blazer.

It’s sad that even when using all the above-mentioned costly data protection methods and complying with all safety rules, we cannot fully protect ourselves from phishing, online skimming, social engineering, MITM attacks, etc. Thus, as a two-factor authentication provider, we also advise you to always be cautious and careful, and to turn on two-factor authentication in advance for every online bank operation you do. Using 2FA...


Time Drift in TOTP Hardware Tokens Explained and Solved

Posted by on 19:03 in Engineering, Industry News, Protectimus Products, R&D | 0 comments


Multi-factor authentication by a Time-based One-Time Password (TOTP) generated with a physical device is, without any doubt, the staunchest approach to safeguarding sensitive data and securing access to your invaluable accounts. But being physical objects and having no internet connection gives physical TOTP tokens both their main strength and their major drawback. Without any connection to the net, the tokens’ internal clocks inevitably start drifting, and in a few years this clock drift may become a major issue.

In this post, we will look into the time drift problem with TOTP hardware tokens in detail, see exactly why and how this issue occurs, describe how TOTP works, and show you how we finally solved the time synchronization problem in the latest generation of Protectimus Slim NFC tokens.

How does the TOTP algorithm work?

As has been mentioned above, TOTP is an abbreviation of Time-based One-Time Password. It’s a standardized cryptographic algorithm for generating unique one-time passwords that remain valid only for 30 seconds. The TOTP algorithm is a branch of HOTP, the HMAC-based one-time password algorithm, so to understand TOTP it makes sense to understand the HOTP algorithm first.

What is the difference between TOTP and HOTP?

TOTP one-time passwords are valid only for 30 seconds. HOTP one-time passwords, in turn, remain valid until the server receives a new one-time password verification request. The TOTP algorithm is a much more secure version of the HOTP algorithm.

HOTP

HOTP is the parent OATH one-time password generation algorithm. It generates a one-time verification code by mixing a secret key (a shared value) with a counter (a moving factor, the variable).

The counter counts OTP generation events. Every time a new one-time password is created, the number of events increases by one, and this monotonically increasing value is used as the variable in the HOTP algorithm.

The secret key is a string of characters shared by the authenticating server and the device on the user’s end (the 2FA token).

The HOTP algorithm processes and hashes the input data (the secret key and the current counter value), then cuts the resulting hash to 6 or 8 characters, and this is how we get the one-time password shown on the OATH token.

TOTP

The TOTP algorithm works exactly like HOTP but gets its moving factor from the running time interval. In other words, the TOTP algorithm generates one-time passcodes by mixing a secret key (a shared value) with the current time interval (a moving factor, the variable). Therefore, it is very important for the current time on the server and on the token to match.

Read also: One-Time Passwords: Generation Algorithms and Overview of the Main Types of Tokens

How do TOTP tokens work?

All of the existing multi-factor authentication tokens may be roughly split into two types: software ones, which use the user’s phone for generating or accepting one-time passwords (authentication apps, chatbots, etc.), and hardware ones (re-programmable or classic hardware OTP tokens).

The TOTP algorithm itself can be used in any of these types of MFA tokens, but there’s a slight difference in their setup. Let’s dig deeper into this rather complex process.

The TOTP token enrollment

First of all, the user...
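The HOTP and TOTP generation described in this excerpt, together with one server-side way to tolerate a token whose clock has drifted, as an added example that is not code from the post or from Protectimus. The validation window and recorded-drift approach follow the resynchronization guidance in RFC 6238 rather than the token-side fix the post announces; the class name `DriftAwareVerifier`, the window sizes and the 95-second drift are assumptions, and the secret is the public RFC test secret.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time interval, as stated in the post


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte counter, then truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP with the counter taken from the time interval."""
    return hotp(secret, unix_time // STEP, digits)


class DriftAwareVerifier:
    """Hypothetical server-side check for one token.

    Accepts codes within +/- `window` steps of the expected step, remembers
    the offset at which the token last matched, and rejects any code at or
    before the last accepted step (replay guard). A wider window tolerates
    more drift but keeps each code valid longer, so keep it small.
    """

    def __init__(self, secret: bytes, window: int = 1, digits: int = 6):
        self.secret = secret
        self.window = window
        self.digits = digits
        self.drift_steps = 0    # learned token clock offset, in steps
        self.last_counter = -1  # highest step already accepted

    def verify(self, submitted: str, server_time: int) -> bool:
        if not (submitted.isascii() and submitted.isdigit()):
            return False
        expected = server_time // STEP + self.drift_steps
        accepted = None
        for delta in range(-self.window, self.window + 1):
            counter = expected + delta
            if counter <= self.last_counter:
                continue  # already used, or negative: never valid
            candidate = hotp(self.secret, counter, self.digits)
            if hmac.compare_digest(candidate, submitted) and accepted is None:
                accepted = (counter, delta)
        if accepted is None:
            return False
        self.last_counter, delta = accepted
        self.drift_steps += delta  # record the drift for the next login
        return True


def demo() -> dict:
    secret = b"12345678901234567890"  # public RFC 4226/6238 test secret
    server_now = 1_700_000_000        # constructed server clock
    token_now = server_now - 95       # constructed: token runs 95 s slow
    code = totp(secret, token_now)

    strict = DriftAwareVerifier(secret, window=1)
    tolerant = DriftAwareVerifier(secret, window=3)
    results = {
        "strict_accepts": strict.verify(code, server_now),
        "tolerant_accepts": tolerant.verify(code, server_now),
        "learned_drift": tolerant.drift_steps,
        "replay_accepted": tolerant.verify(code, server_now),
    }
    # Ten minutes later the token is still 95 s slow; the recorded drift
    # means its code now matches at offset 0.
    later_code = totp(secret, token_now + 600)
    results["later_accepts"] = tolerant.verify(later_code, server_now + 600)
    results["drift_after"] = tolerant.drift_steps
    return results


if __name__ == "__main__":
    print(demo())
```
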


Two-factor authentication for Windows 7, 8, 10, 11

Posted by on 12:29 in Protectimus Products, R&D, Setup Guides | 0 comments


Since Windows is one of the most used systems, especially among various businesses, it makes sense to thoroughly protect it. Protectimus has excellent two-factor authentication software for Windows 7, 8, 8.1, 10, 11. In this article, we will look into how it works and how to set it up. And we will address the most common questions on our two-factor authentication for Windows login.

How does two-factor authentication for Windows login work

Two-factor authentication for Windows login is rather simple. The process consists of two successive levels of login, just as the name suggests.

First, the user has to sign in with their common Windows credentials (their regular username and password).

On the second level, the user has to enter a one-time password (OTP). This password is valid only for 30-60 seconds and can be delivered or generated in a number of different ways; the user can choose which way they prefer. It can be a chat-bot message, 2FA app, email, SMS or one of our hardware security tokens.

Windows 7 two-factor authentication ensures there’s minimal to no risk of the Windows user account being breached if the user’s regular password is compromised. In this unfortunate case, the criminals will have to get access to the user’s email, phone or hardware token, which is much harder to accomplish. And at the same time, if the phone or OTP token is compromised, the attacker still has to guess the password.

Besides, each one-time password generated by your two-factor authentication token can be used only once and is time-sensitive. This means that the generated code will simply expire and become unusable within 30-60 seconds, which makes it almost impossible to intercept the code and use it for unauthorized access to the protected Windows account.

Read also: 10 Windows Computer Safety Tips

How to set up two-factor authentication for Windows 7, 8, 10, 11

It is very easy and fast to set up the Protectimus two-factor authentication solution for Windows and have your Windows 7, 8, 8.1, 10 or 11 thoroughly protected from unauthorized access; the whole process usually takes less than 15 minutes.

This Windows two-factor authentication software is designed both for individual and business users, so it’s very easy to set up. The setup can be done by any user themselves without involving an admin with special skills.

1. Create an account in Protectimus Service
Fill out the registration form and create your Protectimus 2FA service account.

2. Activate a Service Plan
Choose a service plan and make sure to activate it, even if it’s a Free service plan. The API won’t function unless a service plan is activated. It can be deactivated at any time.

3. Create a Resource
To group and easily manage the users and tokens, we use Resources. So the first step to actually start using Protectimus MFA for your Windows is to create a Resource, which is done by clicking one single button and giving a name to the Resource you created.

4. Enable Automatic Registration of Users and Tokens
Once a Resource is created, switch on automatic registration of Users and Tokens. When the automatic registration of Users and Tokens is enabled, your users will enroll their tokens themselves during their first login to the Windows account after you install the...
