Analysis of recent online account breaches indicate that weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions.
Some simple steps and tools like two-factor authentication can help your end users employ unique, strong passwords for their dozens of accounts.
Wouldn’t it be nice if your accounts could let you know when someone new is trying to get into them? Even better, wouldn’t it be terrific to make a stolen password useless to others?
Were you tricked into revealing your password through a phishing scam? Rest easy, your account is safe! That’s essentially the control that two-factor authentication (2FA) — also known as two-step verification or login approval — gives to you. And, it only takes about two minutes to set up and two seconds to use. That’s a lot of power for very little effort!
How does it work?
Once you’ve activated two-factor authentication on an account, whenever an account login with your password comes from a different device from what you’ve already permitted, an authorization check will come to your smartphone or other registered device.
Without your approval or current code, a password thief can’t get into your account. (more…)