One of the safest and simplest computer-security measures available is also one of the least used. Two-factor authentication adds a layer of protection to the standard password method of online identification. The technique is easy, relatively quick, and free. So, what's the problem?
Critics are quick to point out the shortcomings of two-factor authentication: it usually requires a USB token, phone, or other device that's easy to lose; you sacrifice some privacy by having to disclose your telephone number to a third party; and it is subject to man-in-the-middle and other browser- and app-based attacks.
Still, for online banking and other Web transactions, two-factor authentication is the most practical protection available. The number of big-name services supporting two-factor authentication continues to grow: Google, Facebook, Yahoo, PayPal, LastPass, and Dropbox are among the sites that let you require two-factor authentication to sign into your account from unverified computers and devices.
Something you know and something you have If you've used your bank's ATM, you've used two-factor authentication: you insert your ATM card (something you have) and enter your passcode (something you know). Most Web services supporting two-factor authentication send a unique access code to your phone, but banks and other financial services may require a hardware token that either displays a code you enter or that you insert via USB, smart card, or other port.<... [Read more]
by Dennis O'Reilly via CNET How To
Posts
No comments: