Items tagged with two-factor authentication

Enabling two-factor authentication (2FA) wherever possible is generally recommended—it helps keeps the hackers at bay, even if your password has been compromised. Better security is a reward in and of itself. Electronic Arts is taking things a step further, though, by gifting a free month of Origin Access who lock down their EA accounts with 2FA. The publisher calls this "Login Verification," but it's the same as any typical 2FA scenario—when you log into your account, EA will send a unique code to your preferred email address, or via text message to your mobile device. You can also opt to receive an automated phone call. Whatever the case might be, that additional step is required... Read more...
Using two-factor authentication (2FA) is generally regarded as a superior way of securing an account than using a password alone, but even adding that extra layer of security comes with its own unique risks. This was highlighted in a recent security breach in which tens of millions of SMS text messages were exposed. Some of those text messages contained 2FA codes. All of those text messages sat on a server belonging to Voxox, a communications firm located in San Diego, California. Voxox is wholesaler of SMS, voice, VOIP, and cloud communication services for small businesses. One of the things it does is convert 2FA codes into text messages, which are then routed through cell towers and ultimately... Read more...
It is amazing what a little public shaming will do, especially in this day and age of social media. Not that we are advocating being an online bully or anything like that (please don't be). However, Facebook is making a change to the way it handles two-factor authentication on mobile devices after it was lambasted online for spamming users with unrelated notifications when enabling the added security precaution. Let's start with the backstory. In a recent Twitter post, a Facebook user and software engineer named Gabriel Lewis complained that he was receiving notifications on his phone after enabling two-factor authentication. The notifications had nothing to do with security, and instead were... Read more...
It's a dangerous online world out there and to keep the bad guys at bay, many companies require that employees use two-factor authentication. Typically the second method of verification entails tapping a Security Key or entering a verification code that's sent to a mobile device, but to make things easier Google is adding a third method, an approval prompt that pops up on a user's phone.This is something that's built right into the latest version of Google Play Services, which gives just about every Android user access to the feature. If you're rocking an iOS device, don't sweat it, you just need to grab the Google Search app, a free download available in iTunes. Once you have the requisite software... Read more...
At long last, Sony has finally begun work on adding two-factor authentication to its PlayStation Network (PSN) service, a security feature that could have come in handy five years ago when hackers barged their way in resulting in an extended outage. It wasn't Sony's finest moment by a long stretch. The massive data breach compromised the personal information of every PSN user, which at the time totaled more than 77 million registered accounts. Sony had no choice but to pull the service offline while it investigated the situation and rebuilt the service to prevent further embarrassment. While Sony initially hoped to restore service within a week, the outage lasted 23 days. Now five years removed... Read more...
Slack, the fast-growing startup previously known as Tiny Speck, has rolled out an optional two-factor authentication feature in response to a recent hacker attack. The company confirmed there was unauthorized access to its database containing user profile information, and though it was quick to respond and made changes to its security infrastructure to prevent future incidents, Slack "strongly" encourages its users to take advantage of two-factor authentication. Before talking about that, let's look at what happened. According to Slack, the database that was hacked contained usernames, email addresses, and one-way encrypted (hashed) passwords. It also contained information... Read more...