Security Corner

Feb 28 2014   10:21PM GMT

Two factor authentication becoming a necessity

Ken Harthun Ken Harthun Profile: Ken Harthun

With the password’s fading usefulness, we have to seriously consider two-factor authentication as the minimum level of security for any site dealing with sensitive information. I have been using the PayPal “football” for years as a second factor on both PayPal and eBay. I’ve implemented Yubikey and Google Authenticator on LastPass and Google Authenticator on Dropbox. But these aren’t the only ones out there. There is, of course, the well known RSA SecureID, but here’s a few two factor authentication providers you may want to look into.

  • Yubikey – a USB hardware token that is in essence a second authentication method based on a unique physical token which cannot be duplicated or recorded, providing a credential based on something only an authorized user possesses. Used with a standard username and password, the YubiKey provides a strong, two-factor authentication to any site, service or application.
  • Google Authenticator – provides a six digit one-time password users must provide in addition to their username and password to log into Google services. The Authenticator can also generate codes for third party applications, such as password managers or file hosting services.
  • PayPal Security Key – The PayPal Security Key creates random temporary security codes that help safeguard your PayPal account when you log in. There are two types: A credit-card sized device (the “football” is no longer available); and, security codes sent by text message to your mobile phone. (I actually use both.)
  • Duo Security – Uses a mobile phone similar to Google Authenticator. Duo’s solution is cloud-based.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: