Black_Hat
- 2 comments
- 0 likes given
- 0 likes received
Bio not provided
This article touches a lot of the points of password security, but the one thing you failed to mention is the importance of taking advantage of two-factor authentication. Strong passwords do not replace the need for other effective security controls. One of the things I always do when setting up my account is activate the 2FA (two-factor authentication) where I can telesign into my account. If they don’t offer it I also have contacted some of the organizations to see if they plan on providing 2FA. This gives me the confidence that my account won't get hacked and my personal information isn't vulnerable. But thanks for the great article!
@BalajiViswanathan @sarojkar @cloud computing
I've noticed many of the global Cloud providers are moving to the use of a telephone (mobile or other) as a form of a token where the user is asked to telesign into their account by entering a one-time PIN code which is delivered to your phone via SMS or voice. Or if you don't want to do this every single time, some offer the option to designate your smartphone, PC, or tablet as a trusted device and they will allow you to enter without the text code. Should an attempt to login from an unrecognized device happen, it would not be allowed.