Safety First! How to Sign Up for Two-Step Verification on 11 Top Online Services

Discussion in 'other security issues & news' started by ronjor, Apr 12, 2014.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    http://blogs.wsj.com/digits/2014/04...-step-verification-on-11-top-online-services/
     
  2. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    Unfortunately, while TSV is great in principle, in practice it ignores the fact that there are still a great many users like me who don't have or use mobile devices -- essentially, we're looking at the Win 8 blunder all over again. I'm retired and rarely away from home, so have no desire or need for one.

    Of all the online services online that I deal with which use TSV, only my bank has (so far) offered a viable alternative option. They have a second box specifically for your landline phone no. (which is in their records anyway, so no loss of security there), and will phone you with a recorded (synthesized) message giving you the one-time access code.
     
  3. SirDrexl

    SirDrexl Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    545
    Location:
    USA
    I agree. Paypal has a security token you can order, but unfortunately they're charging $30 for it now. The one I got was $5 a while back.

    I like how Steam does it. The extra code is emailed to you, and you generally only have to enter it when you install/re-install Steam on a "new" computer (or if you clear your cookies in a browser, but I only log in with the client for that reason). It seems like now and then they ask for it again, but not nearly often enough to be bothersome.

    Although, frankly I don't know if I want this sort of thing for every site. For finances it's important, but I'm not going to wait on and enter a second code every time I check my email. Does Gmail (or whatever other providers offer it) have a way of storing something on the computer so you don't have to keep entering the code? Plus, there's the privacy issue of giving out your personally-identifiable phone number to every site.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    IMO they also need to offer a software token, so basically your PC will be the token. :)

    For example:

    http://www.emc.com/security/rsa-securid/rsa-securid-software-authenticators/ms-windows.htm

    My bank has offered a hardware token since 1999, I think. If I´m correct they´re using Vasco tokens.

    http://www.vasco.com/verticals/banking/products/unconnected-card-reader-digipass.aspx
     
Loading...
Thread Status:
Not open for further replies.