Articles about 2FA

Experts voice concern after discovering Google's Titan Security Key is made in China

Google Titan Security Key

While the US and UK governments continue to eye China with suspicion, blocking the use of some Chinese hardware because of national security concerns, it has come to light that Google's Titan Security Key is produced in China.

The keys are supposed to boost security through the use of two-step verification, but security experts are calling for transparency about the supply chain for the hardware after it was revealed it is produced by Chinese company Feitian. There are concerns that the devices could be compromised by Chinese hackers (state or otherwise) to spy on users.

Continue reading

Google's Titan Security Key now available for $50

Google Titan Security Key

A month after it was announced, Google is now selling its Titan Security Key for $50. Currently available in the US, the FIDO-compatible keys help to boost security with two-step verification (2SV).

Google boasts that the keys have "special sauce" in the form of tamper-resistant firmware that helps to further improve security. Costing roughly the same as a Yubikey, Google is hoping to offer a viable alternative to the current FIDO key leader.

Continue reading

Boogiedown! Fortnite is bribing players into enabling 2FA -- and that's a good thing

Fortnite Boogiedown emote

Security is a serious business (including for Fortnite-maker Epic Games), but it's not something most people take seriously enough -- as the number of weak and reused passwords out there shows. Epic, however, has just given players of its hit game an incentive to enable two-factor authentication on their account.

By enabling 2FA in Fortnite, players can unlock a hidden extra -- the Boogiedown emote. While this is undoubtedly a form of bribery, it is no bad thing. There are just a few simple steps you need to follow to access the new emote.

Continue reading

2FA SNAFU led to Reddit security breach in which user data was stolen

Reddit mobile icon

Reddit has revealed details of a security breach that enabled a hacker to gain access to private messages, usernames and encrypted passwords. The self-proclaimed "front page of the internet" is undertaking an investigation and taking steps to improve security.

The attack took place between June 14 and June 18 this year, and the perpetrator was able to access "all Reddit data from 2007 and before including account credentials and email addresses", the site said in an announcement. The breach was made possible after the attacker beat SMS-based two-factor authentication and compromised several employee accounts.

Continue reading

Google launches Titan Security Key... that is nothing to do with Yubico

Google Titan Security Key

Google now has its own hardware security keys -- the Titan Security Key. These FIDO-compatible keys include Google firmware that verifies the integrity of security keys at the hardware level. The Titan Security Key offers secure hardware-based two-factor authentication, and is available to Google Cloud customers.

The keys are similar to those offered by Yubico -- so similar, in fact, that the company has gone out of its way to stress that it is not manufacturing the devices for Google.

Continue reading

Reliable SMS interception leaves 2FA accounts open to attack

SMS messages

Text messages via SMS are often used as part of two-factor authentication strategies to protect login accounts.

But a new and worrying study from Positive Technologies shows that real-world attempts to intercept SMS messages are 100 percent successful.

Continue reading

Intel Online Connect lets you log in on popular websites with just your fingerprint

Using passwords to get online may soon be a thing of the past thanks to a new launch from Intel.

The computing giant has revealed that its Intel Online Connect service will now ship in all 7th and 8th-generation Core processors, allowing users a smoother and easier way to get online quickly using just a fingerprint -- with users of Lenovo's latest PC devices the first to benefit from safer browsing.

Continue reading

Google defaults to prompts for two-step authentication

Text messages are often used as a means of implementing two-factor authentication on websites and in apps, but now Google is actively pitching its own alternative, known as Google prompt, to customers.

Traditionally users would receive a one-time code on their mobile device contained within a text message which they would have to enter to gain access. With Google's solution though, they will receive a prompt asking if they are trying to sign in. Users trying to sign in will gain access while those not expecting the login prompt will be denied.

Continue reading

Okta adds two-factor authentication

Okta has recently made three major announcements. First, it introduced new developer product toolkit capabilities, allowing developers to add Okta’s identity-driven security solution to their own applications with ease.

This has been announced during Oktane, its user event in Las Vegas. New features include easy and secure authentication, rapid customization and branding, out-of-the-box workflows, as well as securing APIs that are exposed to third-party developers.

Continue reading

Try the public preview of new sign-in experience for Azure AD and Microsoft accounts

Microsoft has redesigned the sign-in process (or "experience" as the company refers to it) for both Azure AD and Microsoft accounts.

The interfaces for the sign-in screens for both types of account have been updated so they are the same, and there's now a Google-style two-page sign-in procedure. The updated design is available as a public preview and the change has come about through telemetry data collected by Microsoft.

Continue reading

Consumers want online retailers to provide two-factor authentication

identity login

In today’s fast-paced world, one might think consumers value speed more than anything. In case of online banking, however, this is not the case. Instead, consumers would rather have more security than speed.

This is according to a new report by MYPINPAD, the company that enables multi-factor authentication for touchscreen devices.

Continue reading

Facebook redesigns security settings page making two-factor authentication easily identifiable

Realizing that its security settings were off-putting to many people due to being a shambolic mess, Facebook has rolled out a redesign which it says helps to improve clarity.

As well as giving greater prominence to the most important security settings, some options have been renamed. This comes after Facebook conducted some research into why users were clicking certain options but not changing them -- it turns out they had no idea what the settings actually did.

Continue reading

Secure your Twitter account with two-factor authentication

There are not many well-known online services that don't offer two-factor authentication (2FA) nowadays, but Twitter is very late to the party. Well, that might not be strictly true. Twitter recently added support for third-party authenticator apps, but failed to make any sort of song and dance about it.

The change means that it's now possible to make use of the likes of Google Authenticator and Authy with Twitter -- but you'd be forgiven for not having found the option by accident already.

Continue reading

Instagram ups security with two-factor authentication

Just about every app and online service offer two-factor authentication (2FA) as a security measure these days, and Instagram is the latest to join the party.

After numerous instances of hacking for other services, it's little surprise that Instagram wants to offer its users an extra level of protection. Once enabled, users are required to enter a six-digit code that is sent to their mobile via SMS, greatly eliminating the risk of unauthorized access.

Continue reading

eBay now recommends mobile over token-based two-factor authentication -- should you switch?

Two factor authentication strikes the right balance between convenience and security, which is why so many services offer it nowadays. But its implementation differs. Many companies have SMS or app-based systems, others prefer tokens, and some offer both as an option.

eBay falls in the third category, allowing users to receive the security code for the second authentication stage via SMS or a token. However, the company is now recommending users switch to the former method, touting its convenience as the main reason to abandon the token. But, should you take the advice?

Continue reading

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

Regional iGaming Content

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.