Securing Apps With Two Step Authentication

two factor authentication logoI am a paranoid person - not at a level that is unhealthy, but I am paranoid. In fact, as soon as Google came out with two step verification (commonly known as two-factor authentication - I set it up with my Google Apps account.

It gives me the added peace of mind that it makes it much harder for someone to hack into my Google Account and take over my email address, and the hundreds of other things I do under my Google Account.

In the past year or so, we've been switching our systems to authenticate off of our Google Accounts. But this past week, we locked down many of our applications and web backends to require two-factor authentication.

Some systems we've set up to always require a token entry before gaining access to it. Some systems we have htaccess and Google login and token requirements. Some systems just have Google login. Some systems have both but let you set a 30-day cookie for the browser to remember not to ask for the token (that is how Google works for most security).

I strongly recommend you set up two step authentication within your Google account and for any application where you conduct business. It is simply not worth risking it.

Now, I wish my banks had that over making me change my password every 30 days or so.

Bookmark and Share    
blog comments powered by Disqus

4 COMMENTS

posted by Bowser on: Nov 26, 2012 04:42pm

I use Two-Factor Authentication across a lot of my accounts. I feel a lot more secure when I can telesign into my account with an OTP. I am glad that is offered as an option for many sites, but not enough. It is worth the time and effort to have the confidence that your account won't get hacked and your personal information isn't up for grabs. It would be nice to see more of the leading companies in their respective verticals start giving their users the perfect balance between security and user experience. I know some will claim that 2FA makes things more complicated, but the slight inconvenience each time you log in is worth the confidence of knowing your info is secure. I'm hoping that more companies start to offer this awesome functionality. To me this should be a prerequisite to any system that wants to promote itself as being secure.

posted by iPhone application development on: Dec 3, 2012 01:16pm

First, let us describe what two-step confirmation actually indicates. In Google’s scenario, it functions this way. If you allow two-factor confirmation, when you next log in to your Googlemail concern, you will first proceed as you always do—by providing your information. But before you get to your mail box, Google will next need a personal value.

posted by Hire iPhone Developer on: Feb 9, 2013 06:35am

You’ll have the option of getting security code sent to your mobile device, or using one of several mobile apps. The app into your account settings on the site, and you’re done. I know it is simply not worth risking it.

posted by Rikybelboa on: Feb 20, 2013 04:48am

Simply just idea we would thoughts in addition to claim topic, performed people value the item by yourself? Appears to be good. http://computerworld.co.uk