If you haven’t heard of it, Google Two-Factor authentication is a simple process that combines something you know (your password) with something you have in your possession (your smart phone.) You may think you don’t need something like this, but we suggest you read this completely terrifying article from Ars Technica that explains that with every password breach, the bad guys are getting smarter.
A sample of the terror:
Most importantly, a series of leaks over the past few years containing more than 100 million real-world passwords have provided crackers with important new insights about how people in different walks of life choose passwords on different sites or in different settings. The ever-growing list of leaked passwords allows programmers to write rules that make cracking algorithms faster and more accurate; password attacks have become cut-and-paste exercises that even script kiddies can perform with ease.
“It has been night and day, the amount of improvement,” said Rick Redman, a penetration tester for security consultants KoreLogic and organizer of the Crack Me If You Can password contest at the past three Defcon hacker conferences. “It’s been an exciting year for password crackers because of the amount of data. Cracking 16-character passwords is something I could not do four or five years ago, and it’s not because I have more computers now.”
Lifehacker has put together a list of the places (besides your Google account) that you can now use two-factor… And as you may have heard, the newest and most welcome addition is Dropbox. But don’t stop there… you can also use the system with a whole bunch of other logins.
It may sound annoying, but, trust us, it’s worth a few minutes of your time. Here’s a soothing and informative video from Google that will get you started…