Tagged With authentication


Two-factor authentication is a quick, easy way to add extra security to your accounts (or password managers). For even more security and peace of mind, consider buying a hardware token like the YubiKey or Google Titan.

They’re incredibly easy to set up, and as long as you keep the USB accessory on or near you—on your keyring, for example — you’ll be able to authenticate into supported accounts and services as quickly as typing in a password. And since nobody else will have your hardware authenticator, your accounts will be protected from other attackers.


It’s safe to say that this recent Facebook access token hack is a complete mess — much more than a simple inconvenience that might have forced you to log back in to your Facebook account on your devices.

And while the company is still sorting out the details and working on ways for developers to mitigate the effects of the attack, there are three things you can do to regain a little more control over your digital life.


Dropbox has jumped on the two-factor authentication (2FA) bandwagon with changes to their mobile app. Now, when an attempt is made to log into your Dropbox account, a notification is sent to your mobile device where you can tap a button to authenticate your identity. There's no code to enter.


Uppercase, lowercase, number, symbol - it's the mantra repeated over and over by IT admins when they set password rules. Throw in the requirement to change those passwords every 30 days or so, and not repeat an old password or even have characters in the same place over some arbitrary cycle and you suddenly have a complex set of rules that makes life really hard for users. And the guy who penned many of these rules, Bill Burr from NIST, says he screwed up.


Authentication and identity are still, despite more than six decades of computing, a serious challenge for those designing secure systems. Over recent years, fingerprint scanners have become far better to the point where the TouchID scanner on my iPhone works flawlessly. But if the rumours are right, the next iPhone will use facial recognition.


One of the primary vehicles used by bad guys to access our systems is stealing log-in credentials in order to impersonate real users. All the security processes and tools in the world are circumvented when someone has your username and password. That's where two-factor authentication (2FA) comes into play. 2FA works by adding another authentication challenge to the equation. It's not just about what you know - your password, it's also about something you have. That's where the authenticator apps from Microsoft and Google come into play.


A new piece of research from Data 61, the digital research arm of CSIRO, has found the energy patterns we generate when we walk can be used to power mobile devices and to authenticate our identity. It turns out we have, in Star Trek parlance, unique energy signatures.