To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without.
Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.
Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet?
Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and newsworthy topics from the world of computer security.
After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.
Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...
Attackers could - until Google issued a fix last Thursday, that is - bypass Google accounts' two-step login verification, reset a user's master password, and gain full profile control, just by capturing a user's application-specific password.
PayPal will sell you an authentication token that can greatly boost your account security.
But you can skip token authentication easily. Find out how, and vote in our poll to say what you think of this feature...
Facebook to exclude phone numbers from reverse lookup - for users of two-factor authentication, anyway
Facebook's SMS-based login security was a Catch-22. You had to give Facebook your phone number to improve security. But that exposed your phone number to the vagaries of the Facebook search system.
That's now changed, but apparently only temporarily, while Facebook decides what happens next.
It's no good having mandatory data breach disclosure laws if all they teach us is to admit we had a breach. We also need to convey information of obvious practical value to all affected parties.
Three words. Promptness. Clarity. Openness.