Since you are using your NAGA credentials for so many NAGA services, you should always make sure that your account is as secure as possible. One way to accomplish that, is by adding an additional layer of security to your account, called Multi-Factor Authentication?
Multi-Factor Authentication is an additional security layer for your NAGA Account. With Multi-Factor Authentication enabled on your NAGA Account, you have to provide your first "factor" (password) and your second "factor" (MFA-code) when you are signing in to your NAGA account.
Multi-Factor Authentication codes can be generated with different services, ranging from mobile apps to PC programs and SMS. The most secure and adopted method is the mobile app
- Mobile App: The only way to access your MFA code, which is needed to log in to your account, is via physical access to your mobile device. That means no one is able to gain knowledge of your MFA code without using your mobile device, entering a passcode (if you have set one) and using your authenticator app.
- SMS: The SMS authentication will send an SMS to a specified mobile number, which contains your MFA code. Since SMS are linked to a phone number, this method is more likely to be attacked by phone number postings.Such attacks involve an attacker transferring a victims phone number to a device which he controls. This means that he is effectively taking over the number and therefore the Multi-Factor Authentication codes.
- PC: You are able to install a TOTP app on your computer and configure it with the secret seed, which is provided during the authenticator setup. NAGA recommends using 1Password as the TOTP app.This method might be more secure than SMS but does still provide opportunities for hackers or malware to gather data, which might lead to a compromised account.
NAGA recommends using Google Authenticator. By using a mobile device app such as Google Authenticator, the only way to access the codes is via this device. No one can steal your codes without your phone and access to it.