Going a week without a major brand having its Twitter account compromised was starting to become a rare occurrence. Critics and users alike repeatedly called upon Twitter to release two-factor (or step) authentication. The added layer of security requires you to enter your password, and then a subsequent six-digit access anytime you try to log into Twitter. The short code is sent via text message to your cell phone, which means that any would-be hackers would need to not only crack your password, but to also have physical possession of your cell phone.
SAN FRANCISCO--Two of Google's top Chrome and Google Apps security experts confessed that the problem of passwords will continue to plague the people who use them and computer security for the foreseeable future.
On the second day of the company's I/O conference here on Thursday, Eran Feigenbaum, the director of security for Google Apps, suggested that people follow three recommendations to stay safer online.
"You should turn on two-step verification, make sure [the browser] is up to date, and make sure your password recovery options are set," the six-year veteran of Google said.
His colleague, … Read more
After the Associated Press' Twitter account was hacked into on Tuesday and the accounts of CBS News programs "60 Minutes" and "48 Hours" were hacked over the weekend, it's been made clear that Twitter needs to boost security. But, it may be doing just that.
According to Wired's Mat Honan, the social-networking site has reportedly been working on creating a two-factor authentication for user password verification. Honan writes that the company is currently carrying out internal testing before rolling out the new security control.
A group of tech companies looking to replace passwords for online identity authentication gained a powerful ally Tuesday in the form of Google.
The consortium, called the Fast IDentity Online Alliance (FIDO), is working to develop standards-based alternatives for verifying a user's identity when trying to login to Web sites and online accounts. Formed in 2012, the group proposes specifications that will support a variety of authentication technologies, including biometrics such as fingerprint scanners and voice and facial recognition, as well as security tokens, near field communication, and one-time passwords.
The Web giant joins founding members Lenovo, PayPal, Nok … Read more
Microsoft started rolling out its two-step verification process on April 17. Also known as two-factor authentication or two-step authentication, the process strengthens your account security by requiring you to enter your password (step 1), then a security code (step 2). The security code can be sent to you by e-mail, SMS, or phone call, or you can use an authenticator app on your mobile device.
Enabling two-step verification on your Microsoft account will enable it across all Microsoft services that currently support two-step verification, like Windows, Outlook.com, Office, and SkyDrive. If you're interested in trying it out, here'… Read more
There have been hints for the past week-plus -- courtesy of Liveside.net -- that Microsoft was poised to roll out two-factor authentication for its Microsoft Accounts. On April 17, Microsoft did just that.
The company is calling this security process "two-step verification." Microsoft is making available two-step verification across all products and services accessible via a Microsoft Account. This includes Windows, Windows Phone, Xbox, Outlook.com, SkyDrive, Office, and more. The rollout will be happening over the "next couple of days," according to the company.
(Microsoft Account is the new name for Microsoft's Live … Read more
Microsoft will toughen up its products' security by adding dual-factor authentication "soon," according to a report today by Liveside.net.
Judging by details in the Microsoft-focused blog, the approach closely mirrors what Google did years ago: authorization requiring both a password (the first factor) and a special six-digit code retrieved from an authenticator app on a person's smartphone (the second factor). The smartphone code changes frequently so it can't be used for long.
Microsoft offered only this comment today: "Security and privacy is a priority for Microsoft, however we have nothing new to share at … Read more
Apple took a big step in helping Apple ID users in securing their accounts this week with offering two-step verification.
Two-step verification (or authentication as it's commonly referred to) adds an additional barrier of security between would-be hackers and your account. The extra barrier comes in the form of a four-digit code, which will be sent to a device of your choosing via the Find My iPhone app or SMS, after you've entered your password.
Apple today added an extra layer of security to its Apple ID system that can harden the password people use to log in to various Apple services.
Users with an Apple ID can now sign up for two-step verification of their password, a system that sends a four-digit passcode by text message to a user's phone, and must be used on top of a regular password. In practice, this could keep an account from being compromised by an attacker, unless that person had access to the mobile device too.
The move comes a little less than a year after … Read more
The Federal Trade Commission said today that it will convene a one-day event on security-related "threats to mobile devices."
The event, to be held on June 4 in the agency's Washington, D.C., conference center, will be the latest in a series of similar events that have focused on topics including online data collection and advertising. It's open to the public.
An announcement posted on the FTC's Web site says the event will likely include discussions of "emerging mobile security threats and trends, security challenges in the mobile environment and infrastructure, potential solutions to … Read more