The Importance of Two Factor Authentication on Your Smartwatch
2-Factor Authentication in e-Invoice System/e-Way Bill: Options, Steps and Importance
National Informatics Centre (NIC) has introduced two-factor authentication (2FA) to log in to the e-way bill or e-invoice system. It aims to improve the security of the e-way bill and e-invoice system. Besides username and password, the user must now provide a one-time password (OTP) to authenticate the login.
The implementation of 2FA puts an additional burden on the teams logging into the e-invoice and e-way bill portals of NIC. Clear e-Invoicing allows its users to avoid the hassles of 2FA while continuing to ensure an utmost secure environment for data handling and privacy.
Continue reading the article to know more about the applicability, issues and alternate solutions for 2FA.
What is 2-Factor Authentication in e-Invoicing?
Two-factor authentication (2FA), also referred to as dual-factor authentication or two-step verification, refers to a security process in which users provide two different authentication factors for verifying themselves.
Two-factor authentication is implemented to protect both the user's credentials and the resources the user can access. After registering for two-factor authentication, the same can be used for the e-Invoice system and the e-Way bill system.
NIC's Mandate on Two-factor Authentication
National Informatics Centre (NIC) has implemented two-factor authentication on its portals, such as the e-invoicing portals NIC1 and NIC2 and the e-way bill portal, for certain taxpayers. Currently, 2FA applies to taxpayers using these portals as follows:
| Mandatory | Optional |
| --- | --- |
| Taxpayers with AATO of more than Rs.100 crore from 21st August 2023 | Rest of taxpayers subject to e-invoicing and e-way bill |
| Taxpayers with AATO of more than Rs.20 crore up to Rs.100 crore from 20th November 2023 | |
*AATO stands for Annual Aggregate Turnover.
Purpose of 2-Factor Authentication
The goods and services tax department has introduced a two-factor authentication process for
- Accessing the e-invoice system and e-way bill system more efficiently, and
- Enabling the e-invoice system to be more efficient and robust, and
- Ensuring a secure environment for accessing the e-invoice/e-way bill system
Modes Available for Two-factor Authentication on The e-Invoice Portal
Two-factor authentication has three different ways to receive the one-time password (OTP). The same are discussed below:
SMS: OTP is shared with the assessee on the registered mobile number as SMS.
Sandes app: Sandes app is a messaging app provided by the Indian government so that assessees can send and receive messages. Assessees can download and install this app with their registered mobile number and can receive a one-time password in it.
NIC GST Shield app: NIC-GST-Shield is a mobile application provided by e-Invoice System/eWay Bill, so the OTP can be generated using this app. The NIC-GST-Shield app can be downloaded only from the e-Invoice/e-Waybill portal. The assessee needs to follow the steps below to use the NIC-GST-Shield mobile app:
- The assessees need to download, install and register this app with their registered mobile number.
- One must ensure that the time displayed in the NIC-GST-Shield app is in sync with the e-Invoice/ e-waybill system.
- On opening this app, a one-time password is displayed.
- The assessee can enter this OTP and continue with the authentication process. Every 30 seconds, the OTP gets refreshed. The assessee doesn't require internet to generate the OTP on this app.
Steps for Setting Up 2-Factor Authentication
Step 1. On logging into the e-Invoice System, the user needs to go to Main Menu
Step 2. The user then needs to select two-factor authentication and confirm the registration.
Step 3. Once confirmed, the system will ask for a one-time password along with the username and password.
This facility has been introduced on an optional basis. However, it will be made mandatory in the near future.
Drawbacks of 2FA Implementation
You must know that in the case of SMS and NIC-GST-Shield app, the OTP is sent to the registered mobile number of the authorised personnel of the GSTIN.
Suppose the invoicing team is not able to readily access such registered mobile numbers for OTP, it can lead to delays in generation of e-invoices/e-way bills, leading to business disruptions.
Alternate Secure Solutions to Avoid 2FA
No 2 Factor Authentication with Clear! Users on Clear e-Invoicing solution and Clear IRP enjoy a faster and hassle-free experience of e-invoice and e-way bill generation every time. Here's how:
- With Clear, you will not have to deal with OTPs every time you log in, saving you time and hassle.
- We've enabled smart security features to keep your data safe. Our solutions use SSL encryption and have security certifications such as ISO 27001, SOC-2, VAPT, and PCI compliance.
- We are an approved GSTN IRP provider, ensuring that your e-invoicing and e-way bills are fully compliant.
- You can start generating e-way bills in just 150ms with Clear.
- We maintain a 99.9% success rate in generating IRNs and e-Way bills.
- Our support team is available 24/7 to assist you with any questions or issues.
Two-Factor Authentication for the Smartwatch
04/26/2017
The easiest mobile authentication with your Apple Watch
SecSign Technologies offers a new generation of digital identity protection and authentication solutions that use the Apple Watch to dramatically simplify and strengthen user login security. We developed the world's first two-factor authentication app that offers biometric identity verification by skin contact via the Apple Watch.
With the introduction of Smartwatches and the Apple Watch in particular, mobile functions became even more effortless. Simple tasks like staying up-to-date, answering calls and messaging are managed without even taking your phone out of your pocket. Now you can add secure two-factor authentication to the list.
Apple Watch and Duo Mobile
Duo supports two-factor login request approval and passcode generation from an Apple Watch.
Apple Watch support requires Duo Mobile 3.8 or later. To see which version of Duo Mobile is installed on your device, open Duo Mobile and tap the menu icon. The app version will be displayed in the bottom left corner.
You'll need to enable Apple Watch notifications for Duo Mobile. Open the Watch app on your phone, tap "My Watch", and scroll down then tap the entry for Duo. Enable "Show App on Apple Watch".
Duo Push
When you receive a two-factor push notification, you'll also see the notification on your paired Apple Watch if your phone is locked. Apple Watch's Taptic Engine is a linear actuator inside the device that produces haptic feedback, meaning it literally taps you on the wrist whenever you receive an alert or notification. That means you'll also feel a tap whenever a login request is sent via Duo Mobile, letting you quickly log in or deny the request.
You can approve the two-factor authentication login request or deny the login request without ever touching your phone.
If your organization requires Duo Push verification with a numeric code, you can draw or narrate the code to approve the login request from your Watch.
You'll only see the Duo request on your watch when your phone is locked. Notifications won't go to your Apple Watch when your phone is unlocked.
Duo Passwordless push login requests can't be approved from an Apple Watch because passwordless push authentication requires that you complete an additional verification step: either biometric verification with Touch ID or Face ID, or entering your device's screen lock PIN. The same additional verification step may be necessary for two-factor Duo Push authentication if your organization's Duo policy enforces it. In these situations, the Duo notification received on your Apple Watch instructs you to open Duo Mobile on your phone to view the request.
Passcodes
You can also generate passcodes from the Duo Apple Watch app. Simply launch the app from the watch and tap an account to generate a passcode for that account.
The Importance of WordPress Two-Factor Authentication
We take security very seriously here at Kinsta and that's why we offer two-factor authentication for all of our WordPress hosting clients. Nothing could be worse than someone hijacking access to all of your sites!
This feature is available in our MyKinsta dashboard and we highly recommend everyone take advantage of it.
Today we will dive into why WordPress two-factor authentication is important, how our 2FA feature works, and a great free way to set up two-factor for your WordPress site itself.
Why Two-Factor Authentication Is Important
If you take a look at the top CMS platforms such as Joomla!, Drupal, and Magento, WordPress is leading with over 62.5% of the market share. Due to its popularity, this also means it is attacked more than the others. You can't really say that one platform is more secure than the other. Mainly, more attacks occur because of the mere volume of sites out there.
Another reason is due to unskilled website owners. WordPress has always been awesome due to the fact that almost anyone can pick it up and start using it, but that also means there are a lot of beginners most likely leaving back doors wide open by not patching, not locking things down with correct permissions, etc.
WordFence surveyed a large number of WordPress site owners in 2016 and asked them to answer the following question: "If you know how your site was compromised please describe how the attackers gained access." 61.5% responded saying they didn't know how the attacker compromised their website.
They also ran another survey to see what attackers do with compromised WordPress sites. As you can see, 25% are typically taken offline or defaced. This is probably one of the worst things that could happen if you run a WordPress business. That is why you should implement security measures first, not after.
There are many ways you can lock down a WordPress site. One simple tweak is to change your WordPress login URL. This will instantly knock down the number of failed login attempts you have to your WordPress site from bots and scripts constantly scanning the web looking for a way in. But one of the most important things is to simply choose a complex password.
Sounds pretty easy, right? Well, check out SplashData's 2018 annual list of the most popular passwords stolen throughout the year (sorted in order of popularity).
- 123456
- password
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- sunshine
- qwerty
- iloveyou
That is right! The most popular password is "123456", followed by an astonishing "password". That is one reason why here at Kinsta on new WordPress installs we actually force a complex password to be used for your wp-admin login (as seen below on our one-click install process).
Security starts with the basics. Google has some good recommendations on how to choose a strong password. And one of their recommendations is to enable two-factor authentication.
Two-factor authentication involves a two-step process in which you need not only your password to log in but also a second method. It is generally a text (SMS), phone call, or time-based one-time password (TOTP). In most cases, this is 100% effective in preventing brute force attacks to your WordPress site. Why? Because it is almost impossible that the attacker will have both your password and your cell phone.
Check out more below on how to enable WordPress two-factor authentication.
Kinsta Two-Factor Authentication
Here at Kinsta, we take user security very seriously. To help our customers protect their MyKinsta accounts and WordPress sites, we offer Authenticator-based 2FA support.
Compared to the traditional SMS-based 2FA method which sends login codes via text message, our Authenticator-based method uses dynamically-generated codes in Google Authenticator, 1Password, and other 2FA apps. This means your 2FA configuration is protected against basic security attacks like SIM swapping.
We recommend enabling 2FA for all of your Internet services that support it. To enable two-factor authentication in MyKinsta, check out our knowledgebase article.
Enable WordPress Two-Factor Authentication
Now that you have your Kinsta dashboard secured, you can also enable WordPress two-factor authentication on your website. We recommend one of the following two plugins.
Two Factor Authentication
The Two Factor Authentication WordPress plugin is developed by the same authors as UpdraftPlus, the popular backup plugin. It supports standard TOTP + HOTP protocols (Google Authenticator, Authy, and many others). There is both a free and premium version.
It currently has over 10,000 active installs with a 4.5 out of 5-star rating and features the following:
- Graphical QR codes for easy mobile scanning
- Includes support for the WooCommerce and Affiliates-WP login forms
- WordPress Multisite compatible (plugin should be network activated)
- Emergency codes and premium design layouts (premium version)
Google Authenticator
If you're looking for a completely free solution, the Google Authenticator WordPress plugin works great. Note: That does mean however that you will be bouncing around two different apps. You can determine which is the most time effective for your environment. If you want to stick with one app, upgrading to their starter plan might be the way to go. We will be using the free Google Authenticator in this example.
The Google Authenticator plugin has 30,000+ active installs with a 4.5 out of 5-star rating. It's completely free and you can set it up for an unlimited number of users. Most of the other auth plugins out there have limitations in place unless you upgrade to a paid plan. You can download the Google Authenticator plugin from the WordPress repository or by searching for it within your WordPress dashboard under "Add New" plugins.
Once installed you can click on your user profile, mark it active and create a new secret key or scan the QR code.
You can then use one of the free Authenticator Apps on your phone:
After enabling this, it will now require your normal password to log in plus the code from the Google Authenticator app on your phone. You will notice an additional field that now appears on your WordPress login page. Also, this plugin is fully compatible with the plugin that we recommended earlier to change your WordPress login URL.
And that's it! You now have two-factor authentication on your Kinsta account and on your WordPress website.
Summary
We are excited to offer two-factor authentication to Kinsta clients, as this has been one of our most requested features. Securing your WordPress websites just got a little easier! Make sure to check out our more advanced guide on WordPress security to see how to really lock down your site.
Have any questions about how WordPress two-factor authentication works? Feel free to leave us a comment below or open a support ticket from within your MyKinsta dashboard.
Brian Jackson
Brian has a huge passion for WordPress, has been using it for over a decade, and even develops a couple of premium plugins. Brian enjoys blogging, movies, and hiking. Connect with Brian on Twitter.