LinkedIn unveils optional 2-step verification
Posted on 04 June 2013.
"Professional" social networking website LinkedIn is the latest in a string of popular online services and communities that have introduced optional 2-step verification for their users.


"Most internet accounts that become compromised are illegitimately accessed from a new or unknown computer (or device). Two-step verification helps address this problem by requiring you to type a numeric code when logging in from an unrecognized device for the first time," explained LinkedIn director Vicente Silveira.

To turn the feature on, users have to go to their Account Settings, and chose to review their Privacy & Settings, then select the Account tab and the Manage security settings option. Once the option is turned on, they are required to register and verify their mobile phone number. Unfortunately, they chose not to offer the option of using an app such as the Google Authenticator to create verification codes.

The security code is received via SMS, and the first time users try to log into their accounts from a specific device (computer, tablet, mobile phone), they will be asked to enter it.

While two-step verification can be thwarted by phishers who set up pages emulating LinkedIn's login page, complete with asking the user to enter the verification code, it should nevertheless reduce the number of account hijackings.

The social network also implemented automatic sending of notices to the users' email address every time their account is accessed via a new device.

If their accounts do get hijacked, at least they will know immediately - that it, unless the email address they associated with the account got compromised first. Still, that is something that LinkedIn does not have control over.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //