[OPLIN 4cast] OPLIN 4cast #331: Two factors are better than one

Editor editor at oplin.org
Wed Apr 24 10:30:01 EDT 2013 

Email not displaying correctly? View it in your browser. 
<http://www.oplin.org/4cast/>
OPLIN 4Cast

OPLIN 4cast #331: Two factors are better than one
April 24th, 2013

two-factorPeople who work with Internet security have for some time 
advocated the use of "two-factor authentication" instead of a simple 
password control over access to sensitive or private information. Nobody 
likes to make things harder than we think they need to be, however, so 
adoption of two-factor authentication has been fairly limited. But last 
week, that may have begun to change, as Microsoft announced that 
two-factor authentication will be available (though not necessarily 
required) for all Windows products and services.

  * Microsoft rolling out two-factor authentication across its product
    line
    <http://www.zdnet.com/microsoft-rolling-out-two-factor-authentication-across-its-product-line-7000014162/>
    (ZDNet/Mary Jo Foley) "Two-factor authentication
    <http://searchsecurity.techtarget.com/definition/two-factor-authentication>
    is aimed at reducing the likelihood of online identity theft,
    phishing and other scams because the victim's password would no
    longer be enough to give a thief access to their information. Apple,
    PayPal, Google, Facebook
    <http://arstechnica.com/apple/2013/03/apple-follows-google-facebook-and-others-with-two-step-authentication/>
    and other vendors already have implemented two-factor authentication."
  * Microsoft Account gets more secure
    <http://blogs.technet.com/b/microsoft_blog/archive/2013/04/17/microsoft-account-gets-more-secure.aspx>
    (Official Microsoft Blog) "This release enables optional two-step
    verification for your entire Microsoft account. Two-step
    verification is when we ask you for two pieces of information
    anytime you access your account - for example, your password plus a
    code sent to a phone or email on file as security info. More than a
    year ago, we began bringing two-step verification for certain
    critical activities, like editing credit cards and subscriptions at
    commerce.microsoft.com and xbox.com, or accessing files on another
    one of your computers through SkyDrive.com. For these scenarios,
    two-step verification is required 100 percent of the time for
    everyone, given the sensitive nature of these tasks."
  * Apple ID: Frequently asked questions about two-step verification for
    Apple ID <http://support.apple.com/kb/HT5570> (Apple Support)
    "Two-step verification simplifies and strengthens the security of
    your account. After you turn it on, there will be no way for anyone
    to access and manage your account at My Apple ID other than by using
    your password, verification codes sent your trusted devices, or your
    Recovery Key."
  * AP Twitter hack sends stock market spinning
    <http://nymag.com/daily/intelligencer/2013/04/ap-twitter-hack-sends-stock-market-spinning.html>
    (New York Magazine/Kevin Roose) "In my opinion, there is really only
    one lesson from this afternoon's flash-crash: namely, Twitter needs
    multi-step authentication for verified and/or news-breaking accounts
    /now/. Twitter has gotten calls for stronger security measures for
    years, and it's always been pretty reluctant to promise anything.
    (Last year, the company would say only
    <http://techcrunch.com/2012/11/08/twitter-responds-about-implementing-two-factor-authentication-for-more-security-in-the-future/>,
    "We've certainly explored two-factor authentication among other
    security measures, and we continue to introduce features, such as
    https, to help users keep their accounts secure.") But after today's
    data point, it can't wait any longer."

*/Factor fact:/*

Good two-factor authentication combines a Knowledge Factor (something 
the user knows) with a Possession Factor (something the user has).
------------------------------------------------------------------------
The */OPLIN 4cast/* is a weekly compilation of recent headlines, topics, 
and trends that could impact public libraries. You can subscribe to it 
in a variety of ways, such as:

  * *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
    subscribing to the following URL:
    http://www.oplin.org/4cast/index.php/?feed=rss2.
  * *Live Bookmark.* If you're using the Firefox web browser, you can go
    to the 4cast website (http://www.oplin.org/4cast/) and click on the
    orange "radio wave" icon on the right side of the address bar. In
    Internet Explorer 7, click on the same icon to view or subscribe to
    the 4cast RSS feed.
  * *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
    OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
    http://mail.oplin.org/mailman/listinfo/OPLIN4cast.


OPLIN 4Cast
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20130424/9d4d6aa9/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kubrickheader.jpg
Type: image/jpeg
Size: 38379 bytes
Desc: not available
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20130424/9d4d6aa9/attachment-0003.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: two-factor.png
Type: image/png
Size: 18476 bytes
Desc: not available
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20130424/9d4d6aa9/attachment-0003.png>

More information about the OPLIN4cast mailing list