Close
Home
One Topic - Three Distinct Views:  The Vanguard View | Subscribe
Let Vanguard Technology help you with your website  Contact Us

Partner With Vanguard

Beautifully designed impactful websites for your organization and budget
 

Web Smarts - Business Savvy

We’ve been building websites since 1998

We are trusted advisors to Over 50 Active Clients within several industries including associations and nonprofits, healthcare, financial services, retail, B2B and more.

We Are
Trusted
Partners

After we deliver a quality website on time and within your budget, we will be there for when it really counts. We will be proactive, consultative and strategic after we launch your website.

We Are
Integration
Experts

We’ve integrated with virtually every AMS system on the market as well as most LMS, publication, advocacy and career center applications. Our company was founded on custom development.

We build websites that are easy to edit, manage and design using the best content management system on the market, Sitefinity CMS.

Our Clients Are Our Partners....

John Wurm

Membership & Communications Director
Minnesota Council of Nonprofits

The team at Vanguard helped us think about our digital presence from the perspective and needs of our users, while holding true to the values our organization espouses.

Connect With Us

On-Demand Webinar

Improve Your Webcopy

Sitefinity 13

With Improvements to Asset Management, Classifications and Redesigned Personalization, is it time to consider an upgrade to Sitefinity 13?

The

Vanguard View

Technology articles about one topic from the perspective of Leadership, Marketing and IT professionals .

2020 Volume 2 - Leverage Video and Search to Quickly Improve Your Website

Multi-Factor Authentication & Not Looking “Sus” in Among Us

Nov 13, 2020, 20:53 PM by Miles Grundy
Someone asking you to "trust" that they are not an imposter is not enough to prove it. You need some sort of external verification, just like how websites use 2FA to verify you are who you say you are.
Among Us, a mobile and desktop application taking the world by storm, is a game where up to ten participants (or “crewmates”) work to complete all the tasks on their broken spaceship to win. The only hiccup is up to three of these crewmates are “imposters”. The imposters actively work against this objective by *cough* eliminating other participants. Participants can occasionally meet to vote to kick off a crewmate who they suspect (aka “sus”) as being an imposter. It is a game much like Mafia or Werewolf, with a lot of finger pointing, accusing each other of being “sus”, mistaken identity, and fun frustration.

While these games are for entertainment, a similar exchange happens every time you log into a website or application. Security is always a top priority when it comes to your data, especially when you are interacting with that data on an unsecure network like the internet. 
 

So how does your web application know if you are really you?

Most web applications require two pieces of information for a user to login: a username/email and a password. However, these two pieces of information can easily be compromised. Email addresses are not secrets and, unfortunately, people like to use weak or easy passwords. What’s worse, if an imposter wishing to impersonate you has access to your email, they can easily use the applications password “reset password” feature to gain access to your information. 

How do we stop these imposters?

In Among Us, certain tasks will cause an animation to occur or momentarily leave some sort of proof that you completed that task. Imposters cannot complete tasks. Therefore, if someone else witnesses you complete one of these tasks, they can vouch that you are not an imposter. While you may claim to be a crewmate and not an imposter, having someone else there to back up your claim helps prove your statement as authentic. The same theory applies to websites.

Two-Factor Authentication

Two Step Authentication, Multi-Factor Authentication, and the more common phrase Two-Factor Authentication (2FA) all mean the same thing, using a second method to verify that you are who you say you are. Just typing in your username/email and password is one factor in your authentication. You are claiming you are your username/email and you do have the correct password giving yourself some legitimacy. 

However, this may not be enough to prove you are you. With 2FA, after you pass this first factor of authentication, you are not given immediate access to the application. Instead, you will be prompted to enter in a one-time use code to gain access. This code may be sent to you through a text message or maybe an automated phone call. Since providing this code to you is done through your phone and outside of the communication cycle of the application and your email, an imposter would be less likely to have access to it and therefore know the code to impersonate you.

There are many forms of 2FA. Like in the example above, an automated phone call or text message is some of the most common forms of 2FA. Some companies are building their own 2FA authentication applications like Google’s Authenticator. There are also forms of physical and disconnected 2FA. For example, and more commonly found in the banking industry, a small keychain-like device will display a new code every minute to enter while you log in to the web application.

2FA is also cost effective. Using email or other digital 2FA are usually free. Phone services are not free, but still cheap with text messages being as low as $0.0075 a message.

By adding 2FA to your website you might slow down the login process, but it makes it much more secure. 

To learn more about adding 2FA to your website, contact your Vanguard client manager today.

Load more comments
Comment by from

Vanguard Tips & Tricks

We provide helpful hints you never knew you needed for our clients. Check out "Vanguard Tips & Tricks" to learn quick and simple hacks to make managing your website easier than ever.

Multi-Factor Authentication & Not Looking “Sus” in Among Us

Nov 13, 2020, 20:53 PM by Miles Grundy
Someone asking you to "trust" that they are not an imposter is not enough to prove it. You need some sort of external verification, just like how websites use 2FA to verify you are who you say you are.
Among Us, a mobile and desktop application taking the world by storm, is a game where up to ten participants (or “crewmates”) work to complete all the tasks on their broken spaceship to win. The only hiccup is up to three of these crewmates are “imposters”. The imposters actively work against this objective by *cough* eliminating other participants. Participants can occasionally meet to vote to kick off a crewmate who they suspect (aka “sus”) as being an imposter. It is a game much like Mafia or Werewolf, with a lot of finger pointing, accusing each other of being “sus”, mistaken identity, and fun frustration.

While these games are for entertainment, a similar exchange happens every time you log into a website or application. Security is always a top priority when it comes to your data, especially when you are interacting with that data on an unsecure network like the internet. 
 

So how does your web application know if you are really you?

Most web applications require two pieces of information for a user to login: a username/email and a password. However, these two pieces of information can easily be compromised. Email addresses are not secrets and, unfortunately, people like to use weak or easy passwords. What’s worse, if an imposter wishing to impersonate you has access to your email, they can easily use the applications password “reset password” feature to gain access to your information. 

How do we stop these imposters?

In Among Us, certain tasks will cause an animation to occur or momentarily leave some sort of proof that you completed that task. Imposters cannot complete tasks. Therefore, if someone else witnesses you complete one of these tasks, they can vouch that you are not an imposter. While you may claim to be a crewmate and not an imposter, having someone else there to back up your claim helps prove your statement as authentic. The same theory applies to websites.

Two-Factor Authentication

Two Step Authentication, Multi-Factor Authentication, and the more common phrase Two-Factor Authentication (2FA) all mean the same thing, using a second method to verify that you are who you say you are. Just typing in your username/email and password is one factor in your authentication. You are claiming you are your username/email and you do have the correct password giving yourself some legitimacy. 

However, this may not be enough to prove you are you. With 2FA, after you pass this first factor of authentication, you are not given immediate access to the application. Instead, you will be prompted to enter in a one-time use code to gain access. This code may be sent to you through a text message or maybe an automated phone call. Since providing this code to you is done through your phone and outside of the communication cycle of the application and your email, an imposter would be less likely to have access to it and therefore know the code to impersonate you.

There are many forms of 2FA. Like in the example above, an automated phone call or text message is some of the most common forms of 2FA. Some companies are building their own 2FA authentication applications like Google’s Authenticator. There are also forms of physical and disconnected 2FA. For example, and more commonly found in the banking industry, a small keychain-like device will display a new code every minute to enter while you log in to the web application.

2FA is also cost effective. Using email or other digital 2FA are usually free. Phone services are not free, but still cheap with text messages being as low as $0.0075 a message.

By adding 2FA to your website you might slow down the login process, but it makes it much more secure. 

To learn more about adding 2FA to your website, contact your Vanguard client manager today.

Load more comments
Comment by from

Case Studies

Vanguard conducts thorough preliminary investigative work to ensure your website is built to cater specifically to your target audience and meet your organization’s goals. Check out some of the case studies on some of our most recent client success stories.  

Follow Us On Social Media Twitter Facebook YouTube LinkedIn

What Can Vanguard Do For You?

As your organization grows and evolves, your website should as well. Whether you are looking to generate more traffic, implement custom functionality, mobile compatibility, integrate your systems, or give your site a complete redesign, Vanguard Technology is your go-to web partner. Reach out to us with your current concerns with your website, and our experts will happily provide a solution.