2FA
Facebook introduces Trusted Contacts, makes you ask, "How much do I trust my friends?"
Losing access to your Facebook account is a big deal.
So Facebook has introduced "Trusted Contacts," where you combine recovery codes from three different friends to get yourself back in.
Paul Ducklin asks how well it's going to work...
Would you let a spammer give you a root canal? Sure you would!
When someone contacts you entirely for their benefit, out of the blue, and pitches you a concept that is peculiar at best, and outright alarming at worst...
...you really do find yourself thinking, "Why? WHY? What can the sender POSSIBLY hope to get out of this?"
Sophos Techknow - Two-factor Authentication [PODCAST]
To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without.
Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.
Microsoft looks like being next with two-factor authentication
We've written recently about Apple and Automattic starting to offer two-factor authentication (2FA) for online accounts.
Word on the street says that Microsoft will soon be doing the two-step, too...
SSCC 106 - US DoD and BYOD, "scanner" malware, 2FA, and browser wars revisited [PODCAST]
For your listening pleasure, here's the latest episode in our popular "Chet Chat" series.
Senior Security Advisor Chester Wisniewski discusses the latest security news with regular guest Paul Ducklin in an entertaining and easily-digested quarter-hour podcast.
WordPress.com boosts security for bloggers with two-factor authentication
With WordPress.com powering more than 60 million websites worldwide, anything to improve the safety and security of its users is to be welcomed.
Paul Ducklin tries out the new WordPress 2FA service on his Naked Security account...
SSCC 105 - HP printers, Google blocks ad blockers, Apple does the 2-step, and more...
Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet?
Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and newsworthy topics from the world of computer security.
Apple introduces two-factor verification for Apple IDs
After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.
Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...
Monday review - the hot 27 stories of the week
Just in case you missed any of our stories last week, here's a little recap.
Indian two-factor authentication fraudsters busted by Delhi cops
Two more alleged cybercrooks are cooling their heels in custody this weekend.
The modern-day bank robbers are said to have run a scam that allowed them to work around the two-factor authentication protection offered by the victims' banks.
Why buy a PayPal authentication token if a crook can login without it? [POLL]
![PayPal makes it easy to bypass two-factor authentication - good or bad? [POLL]](http://sophosnews.files.wordpress.com/2012/10/paypal-token-250.png?w=115&h=115&crop=1)
PayPal will sell you an authentication token that can greatly boost your account security.
But you can skip token authentication easily. Find out how, and vote in our poll to say what you think of this feature...
Facebook to exclude phone numbers from reverse lookup - for users of two-factor authentication, anyway
Facebook's SMS-based login security was a Catch-22. You had to give Facebook your phone number to improve security. But that exposed your phone number to the vagaries of the Facebook search system.
That's now changed, but apparently only temporarily, while Facebook decides what happens next.
Dropbox two-factor authentication available to early adopters
A few weeks ago, Dropbox reported a data breach and promised two-factor authentication as part of its security response.
The good news is that the company is already starting to deliver on that promise...
LulzSec, Anonymous and other hacks - should I change my password?
With all the data breaches in the news lately, it's hard to know whether you've been affected. Lots of people are asking, "Should I change my password?"
Helpful Sydney infosec guy Daniel Grzelak can help you answer that question.
FLAMING RETORT - Three words for RSA. Promptness. Clarity. Openness.
It's no good having mandatory data breach disclosure laws if all they teach us is to admit we had a breach. We also need to convey information of obvious practical value to all affected parties.
Three words. Promptness. Clarity. Openness.
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
