Shoutout to SaasPass

The Mightywomble
Aug 24, 2017 · 5 min read

It’s all to easy (well it is for me) to moan so many things in the tech world, there are a lot of things that just do not work, poor software, faulty hardware, beta releases sold as finished products and marketing pipedreams we are lead to think are the next big thing but turn out not to be..

It’s nice then to promote a bit of software many people reading this won’t have heard of and will probably never use, however in an increasingly threatening world you probably should be.

IT Rule number one.. Your password is crap, its terrible, you’re proably using the same password for if not everything, most things and that fact its terrible isn’t your fault.

We work in an industry that can’t make up its mind what type of password is best, long, short, ch4r4ct3r changes, using !.£$ or not.. its all very confusing, and everything needs a password.

Sure you could be sensible and use Lastpass to store your passwords in a secure online vault. but what happens if someone finds out the password to that?

Well the answer to that question is simple, 2 Factor Authentication..

If you have managed to stay with me this far, great.. keep going i promise its worth it.

So in the last year i’ve seem multiple people I consider normal sane tech savvy individuals pop up at various times on Facebook apologising because their Facebook password has been compromised..

Every time I ask the same question.

Did you enable 2 factor authentication?

Every time the same reply, whats that..? or no..

So what is this 2 Factor Authentication or 2FA for short (and the rest of this)

Its a basic principle based on something you know (your password) and something you have (in this case your mobile phone, but could be a token or a finger print)

The thinking is, I can steal your password, and enter that into a website, however if that website sends a message or is looking for a pin number from your mobile phone and I don’t have that.. i’m not getting into your site.

If you do your banking online, you’ve used this system already when it asks you to put your card in the reader and make a pin number.

The chances of someone stealing both your password AND your phone are unlikely.. (not impossible, just unlikely)

Most of the social media sites Facebook, Twitter and Google offer 2FA as do many other sites now as a security method against your password being compromised and knowing you’re probably using the same password on many sites this can save you a lot of anguish..

To help you with this in a nice handy phone app are some companies who specialise in 2FA and are happy to be the central location for all your codes in a single app in much the same way Lastpass is for your passwords.. makes all this stuff much easier.

You may well have heard of Google Authenticator or Duo Mobile as two big players in this space. Both are useful, both provide a similar service with Duo being a bit more work orientated as well.

Both however are with one single fault..

If you loose or reset your phone, you loose all your 2FA codes and have to convince the website with passwords and questions you are who you say you are..

Personally this infuriates me…

However SaasPass have stepped up to the plate and offered not just an answer to this, they have offered some AMAZING support as well.

https://www.sasspass.com

They have a pretty decent video on their site which covers just what it is they do

However there were a few areas I have found they excel at.

2 devices same info

I'm constantly running the beta versions of Android on my Nexus 6p and need to occasionally factory default to sort a problem out or I've lost or replaced phones over the last few years. Every time I've done that in the past running Google Authenticate or Duo Mobile I've lost all the links to the websites i use 2FA on (Facebook etc) which usually means an evening setting it all back up again.

With Saaspass I’m able to run the same app on 2 phones (or an Android tablet in this case) and all the same 2FA codes are available on BOTH devices.

Wizardry at its finest… call this a security hole all you want, when you have over 50 2FA sites in that list, this is a godsend when you lose a phone. or the battery is dead on one device.

Desktop Login

I’m pretty sure Duo can do this, however it seemed to need an offering to the gods and a souther blowing wind to work. As well as protecting website access with 2Fa by installing the Saaspass app on my Macbook i was quickly and easily able to protect the login to the Mac on boot or coming out of screen saver with the same level or protection I have on the websites I use.

Add this to an encrypted Hard disk and that gives me peace of mind while travelling.

As i understand it Saaspass does the same on Windows and is exceptionally good at providing 2FA on AD connected devices. Something i’d like to get working myself.

SSH passwords and Enterprise Apps

Much like the Desktop login, i’ve been able to add Saas pass on all the public facing services I host myself giving me a peace of mind against people trying to brute force attack my home network..

Application 2FA Facebook, Teamviewer, Lastpass etc.

On the end user side of things Saaspass offer a huge list of services they integrate with and good simple to follow instructions on how to link Saaspass to your preferred sites.

The same can be said for much of the Enterprise cloud stuff as well Zendesk, Azure, Atlassian etc..

And finally…

The support..

I’ve had a couple of issues setting things up in the office, and when I’ve had questions the support has been excellent, good replies, simple feedback and what i’d expect from a company.. (thanks James)

So you got this far, why not head over there and see what they offer and if you don’t want to be that person posting that “i’ve been hacked” message on Facebook.. maybe give it a go

)

The Mightywomble

Written by

thoughts about the world I'm surrounded by, tech, politics, opinion..

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade