Facebook and Dropbox in favour of SMS to strengthen security

securenvoy 07/09/2012, Archive

More websites should ask customers to confirm their identification by using one-off security codes sent by text messages, rather than by only entering a username and password.

Andy Kemshall of security firm Securenvoy warned that a study of security professionals found 42 per cent believe "the average kid could crack most end user's passwords."

Andy Kemshall of security firm Securenvoy warned that a study of security professionals found 42 per cent believe "the average kid could crack most end user's passwords."

He said the second-factor authenticaiton process of confirming a transaction or a person's identity using code sent via text messages is a simpler version of the system many online banks have tried, which uses a card reader.

"Even if a hacker has found out your password, they won't have your phone. If your phone is stolen, the criminal is unlikely to know your password."

Recently cloud storage service Dropbox has introduced a two-stage sign-in process for its online storage service,

Following a security breach in which passwords were stolen, Dropbox now sends a six-digit code via text message to a mobile phone, which is entered after the username and password.

The system will also work through apps for iPad and iPhone, Blackberry, Windows Phone 7 and Android devices.

Rik Ferguson of Trend Micro also agreed with two-factor authentication sent by text being used for online banking.

"The question is not only about verifying the person initially making the transaction but is the transaction itself valid?

 

 

Read more:

 

 

Related Posts