I mostly blog about the Joomla! Content Management System, business networking, and other geeky subjects which I think are interesting.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Posted by on in Joomla! Content Management System
  • Font size: Larger Smaller
  • Hits: 38820
  • 4 Comments
  • Print

The next generation of website security - two factor authentication

Security is something that always seems to be in the headlines - especially when it comes to websites and servers being hacked or organisations losing important data.  The Joomla! project takes security very seriously, and over the years has led the way for millions of websites around the world to take advantage of these advances.

The latest version of Joomla! which is currently a short term support (STS) release - 3.2 - introduces some pretty significant features, one in particular which we will be implementing for all customers moving forward - two factor authentication.

When you log into your website, you need a username and a password - something which we all know could theoretically be guessed by somebody trying to gain access to your website or stolen using a keylogger which intercepts the keys you press on your computer.  This represents quite a significant risk and has resulted in all kinds of problems over the years.

Two-factor authentication improves the security of your site by requiring something you know (your username and password) alongside something you have (an authorisation token).  This means that if somebody manages to get your username and password, they still can't log in without the randomly generated authorisation code from your device.

Joomla! 3.2 allows you to use Google Authenticator (an app you can download from the app store) or a YubiKey - a small device which can be used to generate a random password at the touch of a button (read more here) - to generate an authentication token which then allows you to log in when provided in conjunction with your username and password.

We have been trialling the Yubikey method in the office, and we were really impressed by the simplicity of both setting up the two factor authentication and using the device to log in, that we are planning to roll this out to all of our clients who have server or website support contracts with us over the coming months.

Here is a video explaining how Two Factor Authentication works - if you'd like more information do get in touch!

 

Rate this blog entry:
I am the owner and Director of Virya Technologies, with the responsibility for leading the website design team.

I am primarily involved with the day to day management of our website projects, ongoing support contracts and liaising with our clients from across the world.

Comments

  • Guest
    Donald H White Saturday, 23 November 2013

    Two-factor authentication is a superb method to use to control hacking & hijacking attempts. The problem is the requirement to also use a smart or cell phone. Some of us, like me, are dinosaurs.

  • Guest
    rozermartin27 Tuesday, 31 December 2013

    I agree with your thoughts, two factor authentication if for sure going a level up with consumers security policies. Thanks for sharing the post.

    Sunrise PC Support

  • Ruth Cheesley
    Ruth Cheesley Monday, 06 January 2014

    Partially true Donald, you can also use 2 Factor Authentication with a Yubikey which is what we're opting for. They were being given away by Polished Geek at JWC this year where I got one to try out - well work the investment as all you need to be able to do is stick it in your USB drive and press the button .. it even hits enter for you :P

    Ruth

  • Guest
    Redspark Technologies Pvt. Ltd. Tuesday, 20 May 2014

    Amazing article this is something different from other post. Thanks Ruth for giving out the idea of 2 factor authentication with Yubikey.

Leave your comment

Guest Saturday, 29 April 2017

Looking for our open source software?

viryasoftwarelogo

We release and support our open source software at Virya Software

Forthcoming events

No events found

Latest tweets

Virya Technologies If you work in Marketing, SEO, SEM, or any related fields and you're based in/around Suffolk, make sure this is on y…https://t.co/p6Pa8rF4dv
Friday, 06 February 2015 08:43
Virya Technologies We will be conducting essential hardware maintenance from 11pm GMT tonight on our Prajna server, which will result in a period of downtime
Sunday, 01 February 2015 14:48
Virya Technologies We are aware of an outage on our shared hosting server Prajna and are working to resolve this urgently
Monday, 13 October 2014 12:43

Follow ViryaTech on Twitter