Jump to content

Google is making your account vastly more secure with Two Step Authentication!!

krldr871

By krldr871
in Old Discussions

 Share

Recommended Posts

krldr871 LEGEND

krldr871

Posted
Posted

[img]http://tctechcrunch.files.wordpress.com/2010/09/googverification1.png[/img]

“Two-factor authentication” may be the least sexy-sounding feature I’ve ever written about. But if you’ve ever worried about being phished or having your password hacked, it could be your best friend — because it makes it much, much harder for a hacker to break into your account. Today, Google is announcing that it’s bringing the security feature to its millions of users: the feature will be rolling out first for Google Apps Premiere, Education, and Government edition customers, with plans to bring it to all Google users (even those who aren’t using its Apps suite) in the next few months.

So what exactly is two-factor authentication? Most of the login systems you’ve probably used are only ‘one-factor’ — you enter one password and you’re in, but if that password gets compromised, you’re toast. More secure systems are common in large businesses, and often require both a password and a physical card or dongle to login — these are called ‘two-factor’ systems, because they require both your password and another key, and are far more secure because a hacker probably isn’t going to have that physical token. Unfortunately these security systems are generally quite expensive. But Google is bringing one to the masses.

Google’s system doesn’t require a physical keycard. Instead, it relies on your mobile phone. First, you need to activate the optional feature from your settings page (again, this is only available to certain Google Apps customers at first). Then, when you go to sign in to your Google account, you’ll first be asked to enter your password as usual. Next, you’ll be brought to a screen asking for a verification code (see the screenshot above).

The verification code comes from your mobile phone, which you’ve previously linked up to your Google Account. Google has built a ‘Google Authenticator’ application for Android, the iPhone, and Blackberry — fire up the application, and it will give you the six digit verification code that you enter back into your browser (the system can also send you a SMS message or give you the code via voice call).

That’s it. The entire process only takes a minute or so, but it’s much more secure because anyone wanting to access your account will also need access to your mobile phone. You can opt to require this two-factor authentication all the time, or you can elect to only require it one time per computer (in other words, you’ll only need to enter it once on your home PC and/or work computer).

Like I said, this may not sound sexy, but it’s a big deal. Given how much data users are storing on Google, and the fact that plenty of people still fall prey to phishing scams on a regular basis, this is a major step in helping keep users secure. This is all optional (unless your Apps administrator sets a policy requiring it), but I suspect Google will be making a push to urge users to take advantage of the new system as it begins rolling out more broadly.

The news will also make Google Apps an even more tempting proposition for security-conscious businesses (Google notes that prior to this release, it was also the first company to receive FISMA certification in the collaboration/document sharing space). To make this more appealing to businesses, Google is also open-sourcing its authentication apps, so businesses can create their own custom-branded versions.

krldr871 LEGEND

krldr871

Posted
  • Author
Posted

[quote author=ChittinnaraNaidu link=topic=100713.msg1070265#msg1070265 date=1284992514]
from when sCo_hmmthink
[/quote]
Google added a two-factor authentication option to Google Apps on Monday, allowing enterprises to protect user accounts with a one-time code delivered through a mobile phone, in addition to the usual password.

The option will provide additional protection against phishing and malware attacks, as the one-time codes are valid for a limited period, said Eran Feigenbaum, director of security for Google Apps.

krldr871 LEGEND

krldr871

Posted
  • Author
Posted

[quote author=ChittiNaidu link=topic=100713.msg1072012#msg1072012 date=1285023960]
normal users ki aite undemo kada.....lekapotey data plans ki bokkka.... you rock *=: *=: *=:
[/quote]
gmail ki akkarledu ankunta..or rather per computer basis meeda okasari enter cheyyachu..settings ne ishtam..marchukovachu..

Deletedid1 LEGEND

Deletedid1

Posted
Posted

[quote author=ChittiNaidu link=topic=100713.msg1072023#msg1072023 date=1285024128]
only enterprise vallaki anta....so valle pettukunteru dabbulu...

normal janam kosam antey flop version....
[/quote]

oh alana...........KK

krldr871 LEGEND

krldr871

Posted
  • Author
Posted

[quote author=ChittiNaidu link=topic=100713.msg1072023#msg1072023 date=1285024128]
only enterprise vallaki anta....so valle pettukunteru dabbulu...

normal janam kosam antey flop version....
[/quote]
initial ga optional chestadu..kani vaadu authentication APIs ni provide chestunadu so businesses google ni federated identity provider ga vaadukunte idi compulsory chestadani na feeling  sAni_monkey sAni_monkey sAni_monkey

krldr871 LEGEND

krldr871

Posted
  • Author
Posted

[quote author=ChittiNaidu link=topic=100713.msg1072061#msg1072061 date=1285024687]
kaani NSA vallanta oppukovali ga daniki...

and also i dont think companies will accept it as Identity provider ani....
[/quote]
neku ivaalti internet lo google microsoft biggest players..single sign on lantivi future lo inka perugutaayi..so veellu pure identity providers ga untaru chudu future lo..because every one has a gmail account now..or a hotmail account..so microsoft ki ne service providerr ki link lekapoyina, authentication akkada jarugutundi..

krldr871 LEGEND

krldr871

Posted
  • Author
Posted

[quote author=ChittiNaidu link=topic=100713.msg1072087#msg1072087 date=1285025061]
yeah adi obvious but....remember,

last time cheppav....Military deggara 10 year advance undi ani...compared to security or any other features right...

but military control lekunda matram ivvaru vallu.....
[/quote]
adhi vere baa..ikkada identity providers matram google microsoft..antha matrana vaalla custom cryptography algorithms vaadaleru..aina US territory lo enter ayye data anthatini US intelligence vallu scan chestaaru..every mail u send, every chat sequence, alane every thing encrypted vaallu scan chestaaru malicious intent kosam..so thats not an issue

 Share
Go to topic listing
×
×
  • Create New...