• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

what sites do you have two factor turned on for?

 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34965
377
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Up until today, I just had gmail. Today, I turned it on for github, paypal, dropbox, linked-in and yahoo. I didn't turn it on for twitter because it breaks the blackberry app.

Does anyone have experience with two factor on any other sites?
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My company uses it for the admin web app for Amazon Web Services. It uses Google Authenticator and is real easy to use.
 
Jesper de Jong
Java Cowboy
Saloon Keeper
Posts: 15480
43
Android IntelliJ IDE Java Scala Spring
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have it on for Google and recently I enabled it for Github and Twitter. I didn't know Paypal, Dropbox and LinkedIn have it too, I'm going to enable it for those accounts too.
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yeah, I've just enabled it for PayPal as well. Thanks Jeanne.
 
margaret gillon
Ranch Hand
Posts: 335
6
Linux Tomcat Server Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Today I am changing a lot of passwords (sigh).

It seems that a while ago one school of thought to cut down on malware and protect passwords was to disable cookies. I usually set my browsers to clear all cookies and caches when I am done with the browser (firefox). Is this thinking outdated? For the two factor sites ( and perhaps everything else, too ) should I allow cookies? I am guessing the factor that authenticates the machine is using cookies.
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Two factor has nothing to do with cookies. There may be sites that do not work with cookies disabled altogether, but that's a minority. I think setting the browser to accept cookies, but to delete them upon exiting is a reasonable policy. It robs of you of some convenience (making you log in to various sites every time you start the browser), but provides some extra security.
 
margaret gillon
Ranch Hand
Posts: 335
6
Linux Tomcat Server Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Two factor has nothing to do with cookies.


Ulf, thanks for clearing that up.

So sites that identify the machines i work on, like my bank's web site, are storing the machine information in their system? If so then why does my bank stop me from logging in every couple months because it doesn't recognize my machine , even though it is the same computer I have used for a several years?
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A server may use cookies to substitute for one of the factors, provided you have successfully used a web password to log in at some point. But the fact that you have a password to log in is independent of the fact that this login may be remembered via cookies. Two factor auth relies on the password as one factor, not the fact that this password login was remembered via cookies.
 
Todd Placher
Greenhorn
Posts: 6
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does anyone have a good site or compilation of sites that offer 2-factor?
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34965
377
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Todd Placher wrote:Does anyone have a good site or compilation of sites that offer 2-factor?

The most comprehensive list I found was on lifehacker.
 
Todd Placher
Greenhorn
Posts: 6
1
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Actually the lifehacker article had a link to an even better one then lifehacker: http://evanhahn.com/2fa/

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic