Hello all,
In this post, I will provide my view on the future of the username and password
With the recent attacks against Twitter/Dropbox, the need for more websites to adopt 2factor authentication has never been higher 2-factor authentication is the future authentication mechanism which should be widely deployed in the corporate world and for home users
What is 2-factor authentication?
Two-factor authentication uses your traditional username and password but adds another layer of protection
With two factor authentication, you are given either a piece of hardware or software that generates a onetime code often called a token that can only be used for a certain amount of time
What is the advantage?
The advantage of 2-factor authentication is it adds a dynamic piece of information to the login process
therefore if a user database was compromised due to an attack the hackers would only have the static information which would be the username and the password static information is values that don’t change regularly such as your username you probably don’t change that often and for some same as passwords
before 2 factor authentication if a hacker was able to get a user database and was able to decrypt the values the hacker would have login details for the affected system and it would put the system at risk until the values were changed but 2 factor has thwarted these types of attacks
What sites currently Support 2factor
As of now
Google Gmail
Facebook
WordPress
There is even a way to implement the service in OpenSSH which I will cover in another post
Twitter and Dropbox have announced plans to offer this type of service as well
2factor authentication is used in a lot of corporate applications
VPN is the most common with RSA VPN token key
All in all 2-factor authentication is the more secure form of the username and password
And is the future of username/password security
Hope this post provided insight into this security enhancement
I will do some other posts about how to implement this protection on some sites later on
so make sure to check back for that!
Until next time
Stay secure!!!
and of course, if you have any comments/suggestions please let me know!
Its too bad its not implemented everywhere yet.
I try to use 2-factor where-ever possible.
Blizzard Entertainment and Paypal also use this.
Hotmail also gives you the option of using this but only in certain scenarios.
Yes it is too bad that its adoption rate is low but its getting there
Thank for your comment !