Two-step authentication is in the news again following this week’s hacking of The AP’s twitter account. Two-step authentication adds an extra layer of security making your online accounts more secure. It requires you to gain access to applications (or websites) by requiring both something you know (password) and something you have (in most cases, your phone or even a fingerprint). Only when these two steps are used together will you unlock access to your account. As passwords are becoming increasingly ineffective, multi-factor authentication is gaining ground as a solution. Google offers a clear tutorial explaining what it is, how it works, and how two-factor authentication protects you. Many popular services offer it and the list is growing daily. Below is a list of a few I think are most relevant for PennyWise Consulting clients today.
- Google has offered it since 2011, iCloud and everything related to Apple ID, recently received Two-Factor Authentication, and Microsoft just joined in.
- Facebook has offered Login Approvals since 2011. Twitter, according to Wired, is working on their solution and hopefully it will be available soon. edited to add: it is now available.
- Mail Chimp offers it through their service Alter Ego since 2011. If you don’t want to use it, they suggest other security features you can implement.
- Dropbox rolled out the feature last summer.
- And yes, you can even use the Google Authenticator with WordPress, and even if you haven’t begged me to install that for you yet, you’re not posting everything from an administrator account named admin are you?
Updates:
- WordPress.com added two-step in April 2013
- Evernote added two-step in May 2013
- LinkedIn added two-step in May 2013
- Basecamp added two-step in September 2013.
- Evernote added two-step in October 2013.
- buffer added two-step in November 2013.
- tumblr added two-step in March 2014.
Lifehacker article from December 2013 provides an updated list of services that offer two-step.