If we’ve said it once, we’ve said it a million times: You should use two-factor authentication everywhere you can. It’s an easily enacted security measure that should give you a lot more peace of mind.
Tagged With two factor authentication
Just last week, Instagram confirmed reports that it's working on modifications to its two-factor authentication setup that will allow you to create passcodes in your favourite security app - like Google Authenticator, for example. While this isn't the sexiest of news, it's great to see this security practice growing in popularity: using an app, rather than a text message, to authenticate into other apps and services.
Two-step verification is great. However, if you happen to lose your phone and don't have a few backup codes on you then it can make finding your device on the fly a bit complicated. You can score backup codes whether you use SMS or an Authenticator app for verification (you should really be using an Authenticator app), and carrying them with you can help get you out of a bind if your phone ends up MIA.
A long, long time ago, having a good password was all you needed to make sure your Gmail (or other online) account was secure. Now, if you don't have two-factor authentication, or 2FA, then you're missing out on a really simple way to protect yourself. Why, then, do less than 10 per cent of Gmail users have 2FA enabled? Great question.
A while back, I woke up to find my Android phone lingering at a pattern unlock screen. Not just to unlock my screen, but a prompt to decrypt all of my phone's data. I was puzzled. Every other morning, I decrypted my device using a 10-digit, alphanumeric passphrase -- something I perceived, accurately, as being infinitely more secure than tracing a dumb pattern with my finger.
On Tuesday, Techcrunch writer John Biggs had his phone number stolen by a hacker who gained control of Biggs' T-Mobile SIM card, granting him access to Biggs' phone number used to verify his identity. Biggs correctly employed SMS-based two-factor authentication on his accounts, but forgot to add extra security layers to his wireless carrier account. His attacker proceeded to lock him out of his accounts and attempt to demand ransom in bitcoin.
Google's one tap form of two-factor authentication is handy because you don't need to enter a code. However, it offers very little information about who's trying to log in. Now, Google will add location and time info to the login attempt.
WhatsApp is one of the most popular private messaging apps out there, so it's a little surprising it didn't have support for two-step authentication. Now, the beta version of the app has added the feature so, like always, turn it on now.
You know you should use two-factor authentication everywhere you can, but there's also "two-step" authentication, which may come off like the same thing. They're really not. Here's the difference, and what you should know about both.
If you've been using Dropbox for over four years and you haven't changed your password since then, then two things are true. One, you haven't been reading Lifehacker very long. More importantly, two: Dropbox is about to make you change it.
Android/iOS: Using an authenticator app on your phone is one of the better ways to use two factor authentication. Now, LastPass Authenticator has an even easier option, by adding support for one-button logins on many services.
Two-factor authentication is one of the most important ways to protect your accounts. However, recently some authentication methods like SMS have come under fire for being vulnerable to hackers, which defeats the point of "something you know and something you have". We decided to look at the most common methods and rank them by how secure they really are.
Two-factor authentication (2FA) makes logging onto web services much more secure but it can also be a pain in the neck as it adds an extra step to the sign in process. Usually this involves typing in verification codes that you have to retrieve from an app on your phone. Google is attempting to simplify 2FA with a new feature for its online services called Google Prompt. Here's what you need to know.
We already know that most users' clever passwords aren't protecting them from hackers. It turns out that the complex password requirements most sites ask you for aren't doing as much to help either.