One way to improve online account security is to use so called 2-step verification systems when they are offered by companies and services. Companies like Google, PayPal or Yahoo are already offering multifactor authentication systems to their users.
These systems are optional for now and improve security by combining standard log ins with a second verification step. A mobile device is usually used for that second step, but other solutions (like PayPal's ID Protection device) are available as well.
The password manager LastPass had been my password manager of choice before I switched to the Open Source password manager KeePass.
LastPass supports multifactor authentication systems for some time now, for instance with the help of Yubikeys. But those usually came with a cost.
LastPass back in November introduced support for Google's Authenticator app to add another multifactor authentication option to the service.
Google Authenticator is a mobile application for Android, iOS, Blackberry and Symbian devices that generates a temporary verification code that users need to enter when they log into LastPass from untrusted devices.
Google Authenticator needs to be linked to LastPass before the new security feature can be used. Here is how this is done.
LastPass will from now on display a Google Authenticator Authentication page for log ins to the service from untrusted devices.
LastPass users then need to open the Google Authenticator app to generate a one-time verification code that they enter on the LastPass website to sign in. Users who require offline access to their LastPass password database can configure this during configuration. It is also possible to trust devices to avoid having to generate and enter verification codes on every log in.
Additional instructions about the setup are available on the LastPass Support website.
The new multifactor authentication adds a second layer of protection to the LastPass login process that makes it a lot harder for attackers to access a user's password database.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.