As someone who deals with network security, it is absolutely essential.
Passwords are dead, they are far to easy to crack and with the high speed
computing and networks available now it’s easy to do so, easier than it has
been before. Most passwords are still encrypted with a weak hashing algorithm
like MD5 or SHA1 which has long since been cracked.
Now, if you’re not using a public key authentication system or
something beyond passwords it’s very important to add a second step. That
second step is very easy to accomplish, you run a small app on your phone or
computer that generates codes. When you log in you’re prompted for the pin
that’s on the device, you just enter that pin before it regenerates and bam,
you’re in. Once the pins change they change in sync so you’re not dependent on
a static code that never changes. These codes can be generated by dedicated
devices like key fobs or cards but these typically aren’t accessible. The
software option though is fantastic and I haven’t run in to any that aren’t
accessible. I just open my RSA security app for example, enter my pin, a pin
is returned, enter that in the box on the web page or ssh client and it
authenticates. Adds a very high level of security to your authentication
process.In this day and age it’s a must have. > On May 17, 2016, at 11:03 AM, Karen Lewellen <klewel...@shellworld.net> wrote: > > Personally, it really depends on how the steps are constructed. Essential is > too strong a word, and depending on the process those being tested might not > have an inclusive door to that step, it might not be as secure, etc. > I dare say those who have lost irreplaceable parts of their lives due to a > security violation or stolen device would feel the trouble worth it. Speaking > only for myself though I think we can answer the question with examples of > how the steps you are considering would be followed? > Just my thoughts, > Kare > > > On Mon, 16 May 2016, Ben J. Bloomgren wrote: > >> I may be a wee bit behind about this, but what do you guys think of two-step >> verification? Is it essential? is it more trouble than it's worth? >> >> Ben >> >> --- >> This email is free from viruses and malware because avast! Antivirus >> protection is active. >> https://www.avast.com/antivirus >> >> -- >> The following information is important for all members of the Mac >> Visionaries list. >> >> If you have any questions or concerns about the running of this list, or if >> you feel that a member's post is inappropriate, please contact the owners or >> moderators directly rather than posting on the list itself. >> >> Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara >> Quinn - you can reach Cara at caraqu...@caraquinn.com >> >> The archives for this list can be searched at: >> http://www.mail-archive.com/macvisionaries@googlegroups.com/ >> --- You received this message because you are subscribed to the Google >> Groups "MacVisionaries" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to macvisionaries+unsubscr...@googlegroups.com. >> To post to this group, send email to macvisionaries@googlegroups.com. >> Visit this group at https://groups.google.com/group/macvisionaries. >> For more options, visit https://groups.google.com/d/optout. >> >> -- The following information is important for all members of the Mac Visionaries list. If you have any questions or concerns about the running of this list, or if you feel that a member's post is inappropriate, please contact the owners or moderators directly rather than posting on the list itself. Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn - you can reach Cara at caraqu...@caraquinn.com The archives for this list can be searched at: http://www.mail-archive.com/macvisionaries@googlegroups.com/ --- You received this message because you are subscribed to the Google Groups "MacVisionaries" group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at https://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Message signed with OpenPGP using GPGMail
