Tuesday, August 7, 2012

Please Turn on Two-Factor Authentication

Matt Cutts (via Daniel Jalkut):

You can use Google Authenticator to do two-factor authentication with LastPass, WordPress, Amazon Web Services, Drupal, and DreamHost, or even use a YubiKey device. There’s even a Pluggable Authentication Module (PAM) so you can add two-factor authentication to any PAM-enabled application. That means you can use Google Authenticator to add two-factor authentication to SSH, for example.

It’s pretty neat that the Google Authenticator app works without a network connection.

Update (2012-09-21): Rich Siegel reminds us to unregister any authenticator apps before upgrading to a new phone.

1 Comment RSS · Twitter


Pardon the plug, but Duo Security is also free for personal use (<10 users) and can protect WordPress, Drupal, and SSH, along with any other web app that has integrated using our APIs. (And most corporate VPNs, but that's not the point here :P)

Duo's passcodes also work without a network connection — or use Duo Push for even faster authentication:

https://www.duosecurity.com/duo-push

We love Google Authenticator (we're partially funded by Google!), but sometimes you need a service with uptime guarantees, a support team you can reach, etc.

Leave a Comment