I remember when all you needed was a username and a password, but these days they have these crazy keypads on the screen, all these pictures, pass-phrases, and you almost wonder if these procedures are really necessary and what they protect against! Well, this is the brief guide to understanding what the heck that keypad is protecting you against and what those pictures and phrases really do.
Those little keypads where you enter in your password or your PIN without actually typing them in? That’s to prevent someone from using a keylogger to record the strokes on your keyboard and then steal your account by learning your password that way.
Passphrase & Picture:
What about the secret pass-phrase and the associated picture? That’s to prevent someone from sending you an email with a link, you clicking on it, and then entering your username and pin/password into the phisher or thief’s login because they won’t be able generate this picture and pass-phrase for you. Since phishers just send out mass emails and hope for some suckers to bite, they won’t know your username and email beforehand… otherwise they’d just try to login, steal the picture, and show it to you.
Questions, Questions, Questions:
Lastly, all these questions? That’s just one of the three cornerstones of identification, the something you know part and is stronger than the pin and password. The other two are something you are, like a biometric of some kind, and something you have, like an ATM card or one of those SecureID fob things.