Workers wise up to phishing, but you still need 2FA for business accounts
Train your staff to catch phishing email, but you also have to implement two-factor authentication.
Train your staff to catch phishing email, but you also have to implement two-factor authentication.
Android phones can now be used as second factor authentication for Google Accounts.
Google has unveiled a new locked down version of Gmail that trades convenience for a lot more security.
An update to 1Password brings time-based one-time passwords (TOTP for short) to its iOS app. A one-time password is typically used as a second element in two-factor authentication (2FA), a subject I've written about many times in this column. But, as noted in a sensible and honest post by AgileBits, 1Password's developer, a second factor isn't always a second factor.
Glenn Fleishman | 30 Jan | Read more
I've written a few times about two-factor authentication (2FA), where a password (something you know) is paired with a second item, like a device-generated token or one-time code sent via SMS (something you have). A password can be stolen or sometimes extracted, so a second factor makes it substantially more difficult for someone who lacks physical access to you or your stuff to break into one of your accounts. This restricts attackers from accomplishing wholesale attacks across thousands or millions of accounts, unless 2FA is badly implemented or attackers find an exploit.
Glenn Fleishman | 29 Nov | Read more