Two-Step Verification Dances Around the Issue
Andrew James for PandoDaily on weaknesses of two-factor authentication. I have two nits to pick with his article. First of all, Google has an app you can use to furnish your authentication code on your smart phone. There’s no need to rely on receiving a text to get your code. Secondly, human factors will always be the greatest security weakness. The goal is to minimize their impact.
August 11, 2012 at 12:56 pm
I switched to the Google two-factor auth as soon as the iPhone app shipped. The major annoyances for me are setting up a new app on a mobile device that needs access to my Google account or setting up a new device entirely. After that, the 1-time “legacy” passwords never expire and the browsers get 30 days of being remembered. I realize it isn’t perfect, but it’s better than what I typically use for passwords.