Skip to content
  • Home
  • Cyber News
  • Events
    • 2022 Caro Workshop
    • Post an Event
    • Submit Venue Form
    • Event Organizers
    • Event Dashboard
    • The 2nd International CARO Workshop(Archive)
    • The 3rd International CARO Workshop(Archive)
  • Resources
    • Cybersec Knowledge Base
    • 3 Steps To Better Account Security
    • Papers
      • A Quick Survey on Automatic Unpacking Techniques
      • CARO2008 Dealing with Virtualization packer
      • Finished an implementation of FProt hybrid unpacker paper
      • Anti-Emulation Time Lock Puzzles
    • Tools
  • About
    • Privacy Policy
  • Contact
  • Sign Up
  • Members
    • Login
    • Forgot Password
Events
Events
  • Home
  • Cyber News
  • Events
    • 2022 Caro Workshop
    • Post an Event
    • Submit Venue Form
    • Event Organizers
    • Event Dashboard
    • The 2nd International CARO Workshop(Archive)
    • The 3rd International CARO Workshop(Archive)
  • Resources
    • Cybersec Knowledge Base
    • 3 Steps To Better Account Security
    • Papers
      • A Quick Survey on Automatic Unpacking Techniques
      • CARO2008 Dealing with Virtualization packer
      • Finished an implementation of FProt hybrid unpacker paper
      • Anti-Emulation Time Lock Puzzles
    • Tools
  • About
    • Privacy Policy
  • Contact
  • Sign Up
  • Members
    • Login
    • Forgot Password
security

3 Steps To Better Account Security

Guides / February 21, 2022 February 25, 2022
Spread the word, be Cyber Aware!

Best security practices are the responsibility of all developers, recent surges in fraudulent login attempts are a good reminder that account security is the pillar to good organizational security practices:

As GitHub’s Staff Security Analyst @sanjuanswan noted during a recent security Twitter space

“your organization is only as secure as your least secure member”

It’s our responsibility to promote good security practices, whether you are an individual contributor or team lead. Here are three steps you can take today to set an effective model of security practices.

Table of Contents

  • 1. 🛠 Enable MFA:
  • 2. 🔐 Keep your email accounts up to date and safe
  • 3. 📱 Download the GitHub Mobile Application
    • Conclusion:

1. 🛠 Enable MFA:

Enabling 2FA adds an extra layer of security when logging into your GitHub account. With 2FA, you have to log in with your username and password and provide another form of authentication that only you know or have access to. If you lose access to your selected authentication method, you can use the provided recovery codes to access your account. Don’t forget to download and store those recovery codes somewhere secure.

At the organizational level, owners can require that members, billing managers, and outside collaborators use two-factor authentication to secure their personal accounts. Set this standard at the organizational level.

2. 🔐 Keep your email accounts up to date and safe

GitHub protects your account by requiring you to click a link sent to your email address when you log in from a new device. If a potential attacker doesn’t also have access to your email account, they can’t ATO (account take over) your GitHub account.

Use a unique, and complex password for your email account; the best way to accomplish this is by using a password manager.

Don’t share email addresses or login information with your team, and keep a recurring audit, or even better, add an off-boarding step so departing team members no longer has access to your repos.

3. 📱 Download the GitHub Mobile Application

You can use GitHub Mobile for 2FA when logging in to your GitHub account in a web browser. 2FA with GitHub Mobile does not rely on TOTP, and instead uses public-key cryptography to secure your account.

To get started with GitHub mobile for 2FA, if you’re not already using the mobile app, you can install it now and sign in to your account. And if you haven’t set up 2FA, set it up via your account security settings. You’ll need to set up 2FA with SMS or another time-based one-time password (TOTP) app first to start using Mobile 2FA. Once you have configured a TOTP application, or SMS, you can also use GitHub Mobile to authenticate youtube.

Conclusion:

Most software vulnerabilities are mistakes, not malicious attacks. Do your part and secure the software you write today, starting with your GitHub account security.

Stay Safe!

source

Return to News

Go to home page

Spread the word, be Cyber Aware!
Post navigation
← Previous Post
Next Post →

Related Articles

The 2nd International CARO Workshop

News, Events, Guides / January 21, 2008 February 21, 2022

The 2nd International CARO Workshop will be held 1–2 May2008 in Hoofddorp, the Netherlands Day 1: Thursday 1 May 2008 08.00 – 09.00 Extended Breakfast…

Anti-Emulation Time Lock Puzzles

Papers, Guides / February 21, 2011 February 21, 2022

Anti-Emulation Time Lock Puzzles Tim Ebringer The University of Melbourne Download Abstract A common anti-emulation trick is to introduce loops that take a relatively long…

datasecurity cybersecurity

A Quick Survey on Automatic Unpacking Techniques

Guides, Tools / January 1, 2014 February 25, 2022

This is a non-comprehensive list of papers and tools dealing with automated unpacking. Please let me know if I’ve missed another technique or if I…

searchsploit guide

SearchSploit Guide – Easy

Guides / February 26, 2022 February 26, 2022

The Ultimate SearchSploit Guide The Ultimate SearchSploit Guide: InfoSec veteran? novice? confused? It’s a huge acronym.. “InfoSec” CyberSec? regardless, we should all know what Exploit-DB…

About

Datasecurity-event.com is a cyber events, news & awareness platform

Serving CyberSecurity, DataSecurity papers, tools guides & news articles

Services

  • Events
  • Post an Event
  • CyberSecurity News
  • Papers
  • Cybersecurity Knowledge Base

Contact

Contacting us is easy, use the contact forms or the details listed below

  • events@datasecurity-event.com
  • contact@datasecurity-event.com

Copyright © 2023 DataSecurity-Event.com

Powered by DataSecurity-Event.com

We respect your privacy, and data
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of the cookies as outlined in our privacy policy. Read More
CCPA Opt Outs.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT