2Fa News, Articles and Updates

World Password Day: resources to help you on this special occasion

5 May 2016 is World Password Day.

Yahoo scraps passwords

Yahoo has redesigned its mobile mail app and it doesn't need a password.

Roundtable: Identity and access management

The SC Magazine UK roundtable convened with several industry experts to talk about the issues surround identity and access management

Password manager LastPass breached, data compromised

LastPass hacked, it's time to change your master password

Dyre Wolf is no 2FA killer, say security professionals

Just before the UK closed down for the extended Easter Bank Holiday weekend, IBM security researchers published a report warning about a malware campaign attacking online bank users.

Authy patches after 2FA bypassed in POC hack

Russian penetration tester Sakurity has found that attackers could temporarily bypass Authy's two-factor authentication (2FA), which enables users to log-in to Gmail, Dropbox, Facebook and Amazon's AWS.

UK bank ignored critical 2FA flaw months before Carbanak heist

A main UK bank ignored a serious two-factor-authentication (2FA) flaw months before 'Carbanak' criminals exploited a similar loophole to steal £millions from about 100 banks.

Gmail account gets hacked despite 2FA

A widely circulated blog post from security expert Grant Blakeman about his Google Gmail and Instagram accounts being hacked has provoked a debate about the true strength of two-factor authentication (2FA).

Google launches FIDO-compliant 2FA USB key for Chrome and Gmail

Google has souped up its two-factor authentication (2FA) login process with the launch of Security Key, a physical USB that only works after verifying the login site is truly a Google website.

Teenage Aussie hacker reveals PayPal flaw

17-year-old hacker divides industry opinion by going public before PayPal fixes problem.

ICYMI: 'Shoddy' PayPal, Google Glass & hacking BYOD

The latest In Case You Missed Column focuses on PayPal's two-factor authentication, the launch of Google Glass and new banking attacks.

Cookies flaw lets hackers steal WordPress accounts

A researcher at the Electronic Frontier Foundation (EFF) says that blogs hosted on WordPress can be hacked when connected to public Wi-Fi, even if two-factor authentication is employed.

Businesses urged to adopt 2FA after eBay breach

As news emerges that eBay's data breach - affecting some 145 million users worldwide - was caused by hackers stealing employee credentials, the industry rallies businesses to adopt two-factor authentication.

Bitly embraces two-factor authentication after data breach

Following criticism over the lack of details provided on last week's data breach, URL shortening service Bitly has finally revealed how hackers were able to compromise user accounts.

The great token debate

I read this week that one of the One Direction boys was bemoaning the fact that he had not been able to tweet for a week as he had no signal, not sure where he was but it just goes to show that you can't always rely on using your mobile phone.

Winfrasoft launches third version of authentication technology to allow Windows login

Winfrasoft has announced the capability to securely login to Windows using its PIN technology.

Authentication: the Text Factor

'Simplicity is the ultimate sophistication', said Leonardo da Vinci.

Google says account takeovers are down more than 99 per cent

Google is crediting enhanced risk analysis efforts with lowering the number of compromised user accounts by nearly 100 per cent over two years.

Twitter seeks 2FA engineers for stronger access

Following the attack at the weekend, which saw 250,000 user details accessed, Twitter has announced plans to implement two-factor authentication as an option to help users better protect their accounts.