Aplikasi 2FA (Two-Factor Authentication) Pilihan

Untuk beberapa layanan daring yang saya gunakan, hampir semua saya mengaktifkan fitur 2FA (Two-Factor Authentication) atau autentikasi dua faktor. Alasannya cukup sederhana: untuk menambah sedikit lapisan keamanan. Alih-alih hanya menggunakan kombinasi username dan sandi, ketika kombinasi autentikasi sudah dapat digunakan, saya perlu memasukkan kode autentikasi.

Ribet? Mungkin iya. Tapi, sebenarnya tidak ribet juga.

Untuk urusan sandi, walaupun hampir semua sandi menggunakan sandi yang sangat acak dan berbeda sandi antara satu layanan dan lainnya, saya sangat terbantu dengan aplikasi Bitwarden. Bahkan, sudah lebih dari dua tahun saya menggunakan aplikasi ini.

Sangat membantu.

Sebelumnya, saya menggunakan Google Authenticator sebagai aplikasi 2FA. Cukup lama saya menggunakannya. Google Authenticator sudah berhasil menjalankan fungsinya dengan sangat baik.

Ada sedikit masalah ketika ponsel yang saya gunakan tidak dapat saya akses, misal karena kehabisan baterai, atau tidak sedang berada bersama saya. Dalam kondisi seperti ini, cukup merepotkan.

Karena, Google Authenticator hanya dapat digunakan dalam 1 piranti bergerak (mobile) untuk Android atau iOS Lebih merepotkan lagi kalau ternyata piranti yang digunakan sampai hilang. Sedangkan, saya kebetulan menggunakan lebih dari satu ponsel, kadang bekerja dengan tablet, dan paling sering bekerja dengan laptop.

Aplikasi 2FA yang dapat mendukung lebih dari satu piranti tentu menjadi pilihan yang paling masuk akal dan memudahkan. Dan, pilihan saya jatuh ke Authy. Sebenarnya, ada beberapa alternatif aplikasi yang dapat digunakan sebagai ‘pengganti’ Google Authenticator, namun dapat menjalankan fungsi 2FA dengan cukup baik. Beberapa diantaranya:

Dan masih banyak lagi.

Lalu, kenapa Authy?

Kalau dari sisi cara menggunakan, menambahkan akun dan lainnya aplikasi yang ada rata-rata akan sama. Kalau sudah pernah menggunakan satu aplikasi autentikasi, berpindah aplikasi saya rasa tidak akan rumit.

Authy menawarkan satu fitur yang sangat membantu saya yaitu dukungan multi piranti. Dari sekian banyak fitur yang ditawarkan, fitur ini bagian paling berguna menurut saya.

Jadi, saya bisa sedikit tidak khawatir apabila saya sedang membutuhkan fungsi autentikasi, karena saya bisa mengakses dari piranti yang sedang saya gunakan, atau yang terdekat dengan saya.

Authy tersedia untuk Android, iOS dan desktop (macOS, Windows, atau Linux).

Password Manager: Let’s Give Bitwarden a Chance!

I have been using password manager since 2017 since I think there should be an easy, secure, and handy mechanism to deal with passwords. Of course, by using password manager, life is a little bit easier.

And, I chose LastPass. Last year, I still renewed my premium subscription for US$36 per year. LastPass works really well, but at the same time I am sure other password manager applications — like 1Password, DashLaneKeeper — share similar quality of features. But, it’s about choice.

Most “popular” password manager applications also offer similar subscription price, around US$36/year. My LastPass subscription will end next April, and I am thinking of moving to other application that does its basic jobs like storing password (of course!), generating good passwords, and managing credentials in categories/folders. Also, it should be also work on multiple devices and browsers.

After reading many articles, I decided to give Bitwarden a try. And, I read pretty much information about Bitwarden. One of the big differences with other password managers is that Bitwarden is open source. The other reason is on the pricing. It’s only US$10/year for personal use, or US$40/year for personal (family/organization).

My decision is not related to LastPass’ upcoming plan regarding the limitation for the free account since I was a paying customer since day one. According to a blog post:

We’re making changes to how Free users access LastPass across device types. LastPass offers access across two device types – computers (including all browsers running on desktops and laptops) or mobile devices (including mobile phones, smart watches, and tablets). Starting March 16th, 2021, LastPass Free will only include access on unlimited devices of one type

LastPass blog: Changes to LastPass Free

From the interface point of view, it’s not that beautiful — at least compared to LastPass. But hey, it’s about the features. As long as it works for me, I am fine with the interface.

About Bitwarden:

  1. Bitwarden official site
  2. Bitwarden on GitHub
  3. Bitwarden apps (desktop, mobile, including CLI)
  4. A detailed review about Bitwarden. CNET has some basic comparisons of multiple password managers.

Fourth year: LastPass

This month, I renewed my LastPass subscription for the next twelve months. This time, LastPass does not increase its subscription price. It’s still US$36/year.

I am still pretty happy with it. I was thinking of cheaper solution that offers similar features, but for know, I could not find one.

So, let’s stick to it for now.

Third year: LastPass

I started using LastPass for my password manager application in March 2017. So, this year, it’s my third year now. Before LastPass, I used 1Password. I didn’t remember the exact reasons why I switched to LassPass, but I think it was about the integration with applications in mobile devices.

I am satisfied with LassPass features. For some people, Google’s Password Manager will work. But, when it comes to more complex password and identity management, I think LassPass fits me more.

Is LassPass free? Unfortunately, not. I started my subscription for US $12/year (for Premium package). A year later, LassPass increased its pricing to US $24/year. And, this year, they increased the subscription pricing again to US $36/year.

Hat tip: LassPass was acquired by LogMeIn back in 2015.

LassPass offers competitive pricing compared to its competitor like DashLane (US $40/year), 1Password (US $36/year), and Keeper (US $30/year). Since LassPass works for me (until today), I think I will keep my subscription.

Pengalaman Membuka dan Menutup Deposito Online BNI

Saya lupa kapan kali pertama saya membuka rekening deposito di BNI, mungkin sekitar dua tahun lalu, atau lebih. Cuma satu hal yang saya ingat adalah bahwa saya melakukannya secara daring (online). Dan, prosesnya sangat sederhana.

Membuka Rekening Deposito BNI

Seluruh proses saya lakukan melalui halaman internet banking BNI dan tidak terlalu bertele-tele. Sebelum membuka rekening deposito, berikut beberapa catatan (sumber):

  • BNI mensyaratkan untuk pembukaan rekening deposito, kita harus memiliki dana untuk setoran awal deposito sebesar minimal 10 juta.
  • Untuk jangka waktu, bisa dipilih sesuai kebutuhan. Saat itu, saya memilih jangka waktu 3 (tiga) bulan, karena deposito saya gunakan sebagai cadangan dana yang sewaktu-waktu saya bisa ambil juga.
  • Karena dilakukan secara daring, maka saya juga tidak mendapatkan bilyet sebagai bukti fisik kepemilikan deposito.

Proses pembukaan rekening dapat diakses melalui menu Layanan Lainnya, kemudian pilih Permohonan Layanan lalu Rekening Deposito — Buka Rekening Deposito. Setelah itu, lanjutkan dengan mengisi formulir yang tersedia. Setelah selesai semua, maka rekening deposito Anda akan siap secara instan.

123RF Verification on Credit Purchase

123RF

Disclaimer: This review is based on my personal experience. 123RF did not request me to write this article and I’m not endorsed or paid for making this review.

Today, I just decided to purchase some credits under my account at 123RF.com since I need to get some images from there. After creating an account, I simply made a purchase. It was a simple process. When I made the my purchase, I was connected to my office VPN. So, I was detected in Singapore while I was physically in Yogyakarta, Indonesia.

I filled in all billing information. I have been making lots of transactions using my credit cards, and I had most of them succeeded.

When I hit the purchase button, I got a notification saying that a verification process was needed and it would be by calling my phone number. I waited for the next few minutes. But, I didn’t get any phone call (on my mobile number).

So, I decided to contact 123RF from its Live Chat feature. So, I provided the customer service staff with my invoice number and some basic information about my order and account. The customer service staff informed me to make verification process based on the instruction sent to my email. She also requested my mobile number again and I gave her my numbers.

I replied the email with the information about my full name, bank account information, and my home address. I provided all the information based on my credit card information. No credit card number of verification number provided during this process.

In the next few seconds, I got a phone call from 123RF. She introduced herself as Jessica from 123RF, and she was using Bahasa Indonesia. She asked me for some details about my order and the situation that I made an order  from Singapore (while my address is in Yogyakarta, Indonesia). Of course, I was more than happy to give the best answer. Then, she told me that she would be back to work on my order.

After few minutes, I got another call from her telling that the credit was already under my account. I checked directly by refreshing my browser, and the credit was there.

Overall, I had a good experience on my first credit order. I know that each companies — when it comes to payment or security — has its own standard of the payment or security. 123RF has its own verification process. Based on my experience just now, 123RF made the verification simple enough.

Switch to Letsencrypt

Since my Comodo PositiveSSL Certificate for this blog is about to expired, I decided to switch to Let’s Encrypt. The implementation was easy. I was refering to DigitalOcean‘s community tutorial: How To Secure Nginx with Let’s Encrypt on Ubuntu 16.04.

Free 2 GB Storage for Google Drive

Screen Shot 2015-03-09 at 1.38.19 PM
Screen Shot 2015-03-09 at 1.48.53 PM

I finally got my free 2 GB additional storage for my Google Drive account.I got this additional storage after participating at the previous Google’s Security Checkup.

Even for now, I still have enough room for my Drive. I only utilise around 30% of my current 17 GB. But, since I’m planning of having my photos and some documents also backed up to Gooogle, I think it will increase very soon. Even if I need more room for storage, $1.99/month for additional 100 GB is still reasonable.

Google Offers Free 2GB Extra for Google Drive

Screen Shot 2015-02-10 at 11.43.52 PM

Google offers 2GB of storage for Google Drive for those who completes Google’s security checkup process. This offer ends on February 17, 2015. It’s also to celebrate Safer Internet Day. Right now, I have 15 GB of storage for my Google Drive and use around 5 GB of it). There are still plenty of room for my storage, but 2 GB of free upgrade is too good to be skipped.

The security checkup is a simple and straight forward. It’s to make sure that your Google account is safe by doing some checking on these areas:

  • Recovery information. Make sure you to have an active phone number and alternative email for account recovery.
  • Recent activities. Review the recent login activities using Google account.
  • Account permission. Check the services, or apps you give permission to use or connect to Google account.
  • App password. You can use specific password for logins. So, using Google, you don’t always supply your primary password. If you’re not sure or find the applications you don’t recognize, remove them.
  • 2-step verification. I use this security method. Just make sure to have backup phone number there, including the backup codes.

Even this offer does not apply to Google Apps for Work and Google Apps for Education, but it’s recommended that Google account owners should review the security checkup. After completing the security review checkup, the additional storage will be automatically added at the end of February 2015.

Heardbleed

The Heartbleed Bug — It is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

Let's talk about the (new) Yahoo's email service

Recently, Yahoo redesigned its mail service again. I’ve talked about Yahoo Mail last August. I hoped for an improvements. Recently, on its 16th birthday, Yahoo gives a new look for its mail service. Quoting from a release published at Yahoo’s blog:

We redesigned Yahoo Mail to be more efficient, too. Things you do all of the time like search, starring, and deleting are now one-click actions that appear when you hover over an email. We also wanted to give you more breathing room in your inbox, so you can collapse the left-hand toolbar to be more productive.

I’m not a big fan of Yahoo email service actually, I’m sold to Google Mail. I use Gmail web-based interface on my daily basis. So, what Yahoo offered on this redesign this time?

1 TB of storage to handle email and attachments.

Yes, that’s huge! Currently, Google ‘only’ offers 15 GB of free storage (shared between Google Drive, Gmail, and Google+ Photos) with some detailed conditions. The 1 TB storage is tempting for marketing purpose and by number. Do I really need 1TB? I can live with 15 GB Google offers. By having 1 TB of storage, it can handles more than 54 million of emails.
Previously, if you’re a Flickr user, Yahoo also offers 1 TB of storage to store more than 500,000 photos in original quality. This one is really a good deal!

Themes

I’m not a fan of themes for email service. I left my Gmail in the standard look, without fancy themes. Yahoo — since it also owns Flickr — brings some selected photos from Flickr to choose as the background theme. Here how it looks.
Yahoo mail themes
For the web interface, I choose the of of the clean theme styles.

How To: Install Opera Mobile on Nokia N9

Nokia N9 already has a built-in internet browser. It’s not the best, but it works. I like having some browsers for my Nokia N9, and currently I have Firefox Mobile and Opera Mobile installed. Both browsers (Firefox Mobile and Opera Mobile) are not available from Ovi Store. If you’re using Symbian for your Nokia, you can download Opera Mini. Firefox is not yet supported.
I’m not considering the installation process as something difficult. Yes, it’s not like the regular installation procedures. It’s my first-time experience too. So far, everything works without any issue at the moment. For Opera Mobile installation, I just follow the installation tutorial from Nokia N9 Fans Club. It’s an unofficial site, not maintained by Nokia.

Now, let me share a bit about how I installed Opera Mobile. Anyway, my N9 is running MeeGo 1.2 Harmattan with software version PR1.1 (20.2011.40-2_PR_005). And, if you’re not familiar with command line, you can continue reading.

Solved: Nokia N9 can't connect to Twitter

After I had my Nokia N9 early this month, I setup my Twitter account first — after some basic phone settings, of course. Everything worked. The application is probably not the best, but it works.
Is it problem-free app? I thought so, until I got a problem: I can’t connect to Twitter using this app. I was not sure when the problem occurred for the first time. I did played with my phone (installing apps, downloading musics, adjusting settings, and including working from the command line). When an update was available, I also upgraded.
Added later: I was not sure what caused this problem. When I signed-in for the first time, everything worked without any issues. I deleted my Twitter account from the app, and tried to add it again. I forgot when I did this for sure, before or after installing the firmware update. It  was optional, but I decided to upgrade.
2011-11-13 01-49-48At first, I was not sure about the problem. Is it my phone, or the internet connection I was using. I switched to some different connections, but it didn’t solve my problem. When I tapped the “Sign In” button, it said: “Can’t connect to Twitter”.
So, I searched for a solution. And, I got one. It’s probably something too technical, but the instruction is easy to understand. According to the forum thread, here are some steps to fix the problem — I’m using Software Version: PR1.1 (20.2011.40-2_PR_005):

  • Activate “Developer mode” by going to: Settings > Security > Developer mode. It’s OFF by default. Turn it ON.
  • After having it activated, you will find a “Terminal” app button under application menu.
  • Open it and you need to execute these commands (one command per line):
    • gconftool --recursive-unset /system/http_proxy
    • gconftool --recursive-unset /system/proxy
    • gconftool --recursive-unset /system/osso

You may close your Terminal.
Those commands will wipe your active connection settings (bluetooth and internet data). But, it’s not a problem as I can add/manage connection settings easily. Problem fixed. Great.

Dear Flickr, I just want to buy a Flickr gift

But, it seems that something is broken.
Today, a friend contacted me to help him getting a Flickr Pro by activating a Flickr gift. This is not the first time for me purchasing Flickr gifts. Everything worked. Just worked. But, not today.

So, I wanted to buy my 11th Flickr gift — yes, 11th!. I went into what Flickr called “Place your order” page. I hit that blue “OK, I’M READY TO PAY” button. After that I was redirected to another login form for another authentication process. Sure, part of the security checking processes, right? I gave my password and nothing happened. Okey, may be it’s my web browser — even I was sure that nothing was wrong with my browser. The other browsers gave me the same results. It didn’t work. Okey, I waited.
Then, I tried again. But, I got a another respond. It was a message like this:

Sorry, Unable to process request at this time — error 999.
Unfortunately we are unable to process your request at this time. This error is usually temporary. Please try again later.
If you continue to experience this error, it may be caused by one of the following:

  • You may want to scan your system for spyware and viruses, as they may interfere with your ability to connect to Yahoo!. For detailed information on spyware and virus protection, please visit the Yahoo! Security Center.
  • This problem may be due to unusual network activity coming from your Internet Service Provider. We recommend that you report this problem to them.

While this error is usually temporary, if it continues and the above solutions don’t resolve your problem, please let us know.

Okey. I’ll wait. Yes, it’s weekend, and it was midnight. Dear Yahoo! — or Flickr — could you please fix that? My friend just want to have his Flickr account upgraded. Thank you.
[Added later]: This issue had been solved. It seemed that there was something wrong with the payment gateway issue. My friend bought a Flickr Pro gift for himself. :)

Using CloudBerry Explorer to Manage Amazon S3 Account

In my previous post, I mentioned an Amazon S3 tool called CloudBerry S3 Explorer. I also have S3Fox organizer addon installed. I use them both, and I feel that I’m more comfortable with CloudBerry Explorer.

CloudBerry Explorer makes managing files in Amazon S3 storage EASY. By providing a user interface to Amazon S3 accounts, files, and buckets, CloudBerry lets you manage your files on cloud just as you would on your own local computer. (source)

Now, I want to share how I use CloudBerry S3 Explorer to manage my Amazon S3 Account.
CloudBerry Explorer is availble as a freeware software. We can download it for free. It offers many features we need to manage Amazon S3 account, from a simple to complicated tasks. After I downloaded and installed it, I can start using it. First, I need to add my Amazon S3 account into the application. Go to File > Amazon S3 Accounts.