Articles about 2FA

Passwords are increasingly being seen as inadequate for protecting information and businesses and end users alike are looking for more secure alternatives.

San Francisco-based SASSPASS is making it easier to implement two-factor authentication with the launch of its Computer Connector. In conjunction with a SAASPASS mobile app it enables quick and easy 2FA for Macs and PCs.

Continue reading →

We've looked at the two public builds of the Windows 10 Technical Preview -- the initial, disappointing, embryonic build 9841, and the very slightly less disappointing build 9860 -- but of course the best is still to come. There are many features we expect to find their way into the final build, such as Cortana, and there are sure to be many surprises. One interesting inclusion is built-in two-factor authentication.

The presence of this valuable security feature is revealed by Jim Alkove in a post on the Windows blog in which he talks about the importance of identity protection and general security. He explains that Windows 10 will start to move users away from single factor authentication -- the humble password -- in favor of more secure options.

Continue reading →

Unless you've been completely avoiding the news over the past few days, you will have heard about Apple's little problem with nude photos being stolen from celebrity accounts. The company has strongly denied that there has been a security breach, but in a statement it advised its customers to check the strength of their passwords as well as enabling two-step verification.

Two-factor authentication -- also known as two-step verification -- is a stronger method of security because it relies not only on something you know (your password), but also something you have (like your iPhone). Sounds good, but how do you do about doing it for your Apple account?

Continue reading →

While two-factor authentication acts as an effective security barrier against malicious attacks, it also makes the login process more cumbersome for legitimate users by requiring them to type in security codes, on top of usernames and passwords. Luckily, there are dedicated apps that can make things easy.

One such app is Microsoft account (the choice of name is not particularly inspired), which was just released by the software giant to allow its Android users to manage -- validate or deny -- log in requests, when two-factor authentication is turned on for their Microsoft accounts.

Continue reading →

Yahoo's cool kid's blogging service Tumblr is the latest site to adopt the additional security of two-factor authentication.

But as with the introduction of SSL encryption in February it's up to the site's users to enable the feature for themselves.

Continue reading →

Relying on passwords alone to keep your Internet accounts safe can get you in a lot of trouble. They may be comfortable to use, but hackers can easily bypass or crack them. Or, even worse in my opinion, steal personal information without you even knowing. A recommended method for minimizing such risks is to enable two-factor authentication.

Two-factor authentication is an added security layer that requires you to use a password and a security code, in order to log in. It is a feature available in the account's settings that is usually not enabled by default. The security code can be delivered via SMS, email or a dedicated app. I have it turned on for every Internet account that supports it.

Continue reading →

Over the course of 2013 we have seen many services adding a two-step authentication to their sign-in options, though most leave the decision of enabling it up to the individual customer. Now, the popular note-taking service Evernote, which works across both mobile and web platforms, has joined in the movement.

This is not entirely new -- the company first announced the availability back in May, but only gave the option to Premium and Business level customers, leaving the rest of the user-base without the extra security.

Continue reading →

In an effort to beef up the security of its cloud platform, late-yesterday, Microsoft introduced two-step authentication for Windows Azure. The new feature is available through a service called Active Authentication and, according to the software giant, is mostly aimed at enterprises.

"Companies can enable multi-factor authentication for Windows Azure Active Directory identities to help secure access to Office 365, Windows Azure, Windows Intune, Dynamics CRM Online and many other apps that are integrated with Windows Azure AD", says Windows Azure director Sarah Fender. "Developers can also use the Active Authentication SDK to build multi-factor authentication into their custom applications and directories".

Continue reading →

After a number of high-profile account hijacks and criticism from both its users and the tech media, Twitter finally decides to take security seriously. Today, the popular social network introduces two-factor authentication which, when enabled, requires users to type in an additional six-digit passcode received via SMS in order to log in.

Sadly, as I learned, not every user can actually enable the new security feature. Twitter says that folks must have a "verified phone number and confirmed email address", the former of which is still incompatible with my mobile operator: "Sorry, we don't have a connection to your carrier yet!". Other local mobile operators are supported, but not mine.

Continue reading →

Following the lead of a number of high-profile companies like Apple, Dropbox and Google, Microsoft has finally embraced two-step authentication. Two days ago, the company unveiled the feature which, in order to "help keep your account more secure", enables using security codes or application-specific passwords when accessing Microsoft services. Sadly, for Android and iOS users, Microsoft only offers a Windows Phone app, at this point, to generate security codes.

The app is called Authenticator and works with both Windows Phone 8 as well as Windows Phone 7.5 (ironically, it was the app that revealed Microsoft's plans to offer the security feature in the first place). This guide will show you how to enable two-step authentication for your Microsoft account and use Authenticator to generate security codes on your Windows Phone smartphone.

Continue reading →

I highly recommend two-step verification for major online accounts, even though the process sometimes is a real hassle. I've long ago applied the security measure to my Google account, but Microsoft offered no option. Hell, even Apple beat the software giant with the measure. That starts changing today.

"Over the next couple days we will roll out a major upgrade to Microsoft account, including optional two-step verification to help keep your account more secure", Eric Doerr, Microsoft Account group product manager, says. The logistics are similar to Google's -- two-step verification most places, application-specific passwords elsewhere and tool for generating authentication codes.

Continue reading →

Enabling two-factor authentication for a Google account is an effective security measure against unauthorized access. It adds an extra layer of protection by requiring users to enter an application-specific password or security code in order to gain access to various Google services. For this second part the company says users will need an Android, BlackBerry or iOS handset. But what about generating security codes on Windows Phone? Surely, there has to be a way.

And there is. Microsoft has released an app called Authenticator which allows Windows Phone users to generate security codes for two-factor authentication. And, because it "implements industry-standard security code generation", the app supports Microsoft as well as Google accounts. The only question is: How to set it up for the latter?

Continue reading →

When Apple introduced two-step authentication for Apple ID my first thought was "Finally, the fruit company takes security seriously". But, as I've come to learn, that's not entirely accurate for everyone as the new feature is only available for users living in Australia, Ireland, New Zeeland, United Kingdom and United States. What if you're living in Canada or Germany? Well, tough luck, you can't use it. But what can you do?

Wired's Mat Honan is probably the best known Apple user to have fallen prey to Apple ID account hacks. Honan tells an alarming story, about habit and comfort (dare I say oversight) leading to having one's virtual identity shred into pieces. But two-step authentication cannot be forcefully enabled, so what can you do while waiting for Apple to support your region and mobile operator? You can still take some precautions that will secure your Apple ID account.

Continue reading →

Google on Monday announced that it would offer a two-step security option to certain customers of its Google Apps product, aiming to offer its customers a low cost option for higher security. The new authentication system would combine the traditional password with a verification code sent to the user's mobile phone.

Initially the offering would be available to English users of its Premier, Education and Government editions, with Standard edition customers getting the feature in the coming months. Google wants to ensure they can scale the feature reliability before expanding it to the "hundreds of millions" using the free version.

Continue reading →