App.net Does The 2-Step (With Authentication That Is)

With news of the new Pope drowning out my social-verse, I almost missed a very important security update by App.net (my digital haven from spammers and trolls):

Two-factor authentication is designed to keep your account safe in the event your password is compromised. Our two-factor authentication implementation augments your password — i.e. something you know — by requiring you to enter an ever-changing numerical code displayed on your phone or tablet — i.e. something you have.

Enabling two-factor authentication is a simple process that involves a few steps. You’ll need to install a one-time password app (like Google Authenticator, available for iOS, Android, and Blackberry) on your phone and scan a QR code from your computer. Your one-time password app will generate a six-digit code, which you will enter into your App.net settings when prompted. (App.net Blog)

For those of you who don’t speak geek: every time you log into App.net from the web, you will be required to enter a funky set of numbers to verify that it’s really you logging into your account.

Usually this is done by sending you an SMS, but using the Google app is smarter, as someone can always “borrow” your phone and use the second password to gain access to your account.

You can even create one-time login passwords which can be used on third-party apps that have yet to support 2-step authentication.

While no security is perfect, implementing this will make it slightly more difficult for an account to be compromised (which is now sadly becoming the norm for even large services like Twitter and the mighty Evernote).

Hopefully more services adopt this security feature, but so far the only other major digital powers who have embraced this wisdom are Google, Facebook, and GoDaddy.