Could they clone your 2FA keys? Tips to avoid it

Keeping our systems safe from computer attacks is essential. For this it is very important to have good passwords that act as a barrier. The same applies to the accounts that we use day to day: for example email, social networks, Internet records … We must always have passwords that are complex and protect us. In this article we are going to talk about how someone could clone a 2FA key. We will also see what a 2FA key is.

What are 2FA keys

Two-factor authentication (also known as two-step authentication or multi-factor authentication) allows us to add an extra layer of security to our accounts and devices. It basically means that, in addition to the password, we have to authenticate by another method. This allows us to better protect ourselves in case someone steals our password. If our password is leaked from a database that cybercriminals have attacked, our account and our digital identity will still be safe thanks to this second authentication factor. Today, with the dangers that exist on the Internet, it is absolutely necessary to use the second authentication factor in the different Internet services such as Google, Microsoft, Facebook, Amazon,

A 2FA key has that function. It is a physical device that allows users to authenticate beyond simply entering a password. It is one more way to double-check that the user is legitimate and not an intruder trying to access the account. The key generates codes that serve to authenticate us. When we plug it into the computer and want to log in to an online service, we simply have to wait for the computer to recognize it and verify who is trying to log in.

It is true that it is not yet very widespread, although more and more online services are compatible with this feature. Little by little more will appear, and this type of device may come into wider use.

How could they clone a 2FA key

We have seen what a 2FA key is. We have seen that it is a very interesting device for authenticating ourselves on the network, and that it complements passwords so we can log in with total security without putting our data at risk. Now, could someone clone it?

It should be noted that it is neither simple nor cheap; however, it is not impossible. An attacker with the necessary means and knowledge could carry out this type of attack if they find an unpatched vulnerability. Normally this type of attack is aimed at important people in the world of technology, to get into a company and breach its security, and so on. A home user who does not work in a large company will not normally be the target of cybercriminals, but it is recommended that you never lower your guard or become overconfident.

A group of NinjaLab security researchers took a 2FA key, a Google Titan, and managed to clone it. This was possible due to a vulnerability in the chip it was using. It is not something easy to carry out, and not just anyone could achieve it. In addition, as we have seen, there would have to be some vulnerability. We can say that 2FA keys are very safe and almost impossible to clone. Still, there could be a possibility of it happening. Therefore we are also going to give some tips to avoid being victims of this type of problem, because even if we have 2FA authentication with a newly purchased key, 100% security does not exist.

How to Protect Multi-Factor Authentication Keys

It is not enough to use a password and, in this case, a multi-factor authentication key; we also have to use them well. It is important to follow some tips to minimize the security risk and avoid problems.

  • Use strong passwords: the most basic step is always to use passwords that are strong. Our advice is to have passwords that contain letters (uppercase and lowercase), numbers and other special symbols. Each one always has to be random and unique, to avoid what is known as a domino effect that would affect other accounts. This will be the main barrier, later complemented by the 2FA key.
  • Protect the 2FA key physically: we must treat the 2FA key as if it were the key to our house or vehicle. It must always be in a safe place; we must not lose it or leave it lying around for anyone to see. Nor should we ever leave it inserted in our computer and lose sight of it, because it will be essential for logging in to the different email services, PayPal, Amazon and many others. Therefore, you must protect it and always carry it with you, as if it were an extension of your smartphone.
  • In case of doubt, delete the password: if we have any doubts about whether our password has been leaked, we must delete it. Better to be safe than have problems in the future. We can always get a new one that properly protects our accounts and devices.
  • Use functions to detect clones: there are functions that tell us whether a 2FA key has been cloned. We have seen that it is difficult for this to happen, but not impossible. Google uses FIDO U2F counter functions that allow it to detect keys that could have been cloned.
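The clone-detection function mentioned in the last tip relies on the usage counter that a FIDO U2F key sends with every login. The following is an added example, not code from Google or from the original article, of how a service could check that counter; the `Credential` record, the function names and the sample responses are assumptions made for illustration, and the signature is assumed to have been verified already.

```python
import struct
from dataclasses import dataclass

@dataclass
class Credential:
    key_handle: str        # hypothetical identifier for the registered key
    last_counter: int      # highest counter value accepted so far
    flagged: bool = False  # set once a possible clone has been seen

def parse_u2f_auth_response(raw: bytes):
    """Raw U2F authentication response layout:
    1 byte user presence | 4-byte big-endian counter | signature."""
    if len(raw) < 6:
        raise ValueError("response too short")
    presence, counter = struct.unpack(">BI", raw[:5])
    return bool(presence & 0x01), counter, raw[5:]

def check_counter(cred: Credential, raw: bytes) -> str:
    # Assumption: the signature over this response was already verified.
    present, counter, _signature = parse_u2f_auth_response(raw)
    if not present:
        return "reject: no user presence"
    if counter <= cred.last_counter:
        # A genuine key only counts upwards; a repeated or lower value
        # means two devices are answering for the same credential.
        cred.flagged = True
        return "alert: possible clone"
    cred.last_counter = counter
    return "ok"

def make_response(counter: int) -> bytes:
    # Constructed sample response; the signature bytes are a placeholder.
    return struct.pack(">BI", 0x01, counter) + b"\x00" * 8

def run_demo():
    cred = Credential(key_handle="demo-key", last_counter=41)
    return [
        check_counter(cred, make_response(42)),  # genuine key
        check_counter(cred, make_response(43)),  # clone copied at 42
        check_counter(cred, make_response(43)),  # genuine key again
    ], cred.flagged

if __name__ == "__main__":
    print(run_demo())
```

The clone's first login is accepted, and the mismatch only shows up once both devices have been used, which is why a flagged key should be removed from the account and replaced.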

In short, 2FA keys are very useful for protecting our accounts, and more and more services support them. However, although it is somewhat unlikely, they could be cloned. We have seen some essential tips to increase security and avoid problems. Today in cybersecurity it is essential to always have two authentication factors, or even more, to be as well protected as possible against external threats. Physical 2FA keys are a very good way to protect our accounts, although you could also use your own smartphone as a second authentication factor, without having to buy an additional 2FA key, since you always carry it with you.
