LinkedIn unveils optional 2-step verification
Posted on 04 June 2013.
"Professional" social networking website LinkedIn is the latest in a string of popular online services and communities that have introduced optional 2-step verification for their users.


"Most internet accounts that become compromised are illegitimately accessed from a new or unknown computer (or device). Two-step verification helps address this problem by requiring you to type a numeric code when logging in from an unrecognized device for the first time," explained LinkedIn director Vicente Silveira.

To turn the feature on, users have to go to their Account Settings, and chose to review their Privacy & Settings, then select the Account tab and the Manage security settings option. Once the option is turned on, they are required to register and verify their mobile phone number. Unfortunately, they chose not to offer the option of using an app such as the Google Authenticator to create verification codes.

The security code is received via SMS, and the first time users try to log into their accounts from a specific device (computer, tablet, mobile phone), they will be asked to enter it.

While two-step verification can be thwarted by phishers who set up pages emulating LinkedIn's login page, complete with asking the user to enter the verification code, it should nevertheless reduce the number of account hijackings.

The social network also implemented automatic sending of notices to the users' email address every time their account is accessed via a new device.

If their accounts do get hijacked, at least they will know immediately - that it, unless the email address they associated with the account got compromised first. Still, that is something that LinkedIn does not have control over.









Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //