Many websites and services implement two-factor authentication as another line of defense against phishing attacks and hacking attempts.If enabled, users of the service or website need to not only enter their usernames and passwords to log in to the site but also a code that is generated in real time during the sign in process.The majority of services use mobile phones to send the code to the user, but there are other options like sending the code to a verified email address or using extra hardware like Verisign's ID Protection which can generate codes on demand.
As far as phishing attacks go, attackers not only need to grab the username and password of the user but also a valid code that is usually only valid for minutes - sometimes even less - before it expires. Two-factor authentication is also an excellent defense for users if password databases are successfully dumped by hackers as they can't log in to the service even if they manage to decrypt the passwords of users who make use of the authentication method.
Google, Facebook, Dropbox or LastPass have all introduced two-factor authentication for users of their services. The authentication option is voluntary though but highly recommended to improve account security.
According to The Guardian, Twitter may be the next service on the Internet to introduce two-factor authentication to its service. The company recently revealed that attackers successfully downloaded account data of 250,000 users of its service before the breach was noticed. While the new authentication option would not keep hackers from doing so, it would protect the accounts of Twitter users due to the fact that the code is changing constantly and not saved in any database.
Twitter is currently looking for a software engineer to design and develop "multifactor authentication" for the service. This indicates that the company is currently in the planning stage and that it will certainly take time, months likely, before the new technology will be made available to Twitter users.Advertisement
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.