Security News

Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.

GitHub has announced that it will require two factor authentication for users who contribute code on its service. "The software supply chain starts with the developer," wrote GitHub chief security officer Mike Hanley on the company blog.

Some forms of MFA are stronger than others, and recent events show that these weaker forms aren't much of a hurdle for some hackers to clear. Sending a bunch of MFA requests and hoping the target finally accepts one to make the noise stop.

Google is going to automatically enroll 150 million users and two million YouTube creators into using two-factor authentication for their accounts by the end of the year, it announced on Tuesday. "And because we know the best way to keep our users safe is to turn on our security protections by default, we have started to automatically configure our users' accounts into a more secure state. By the end of 2021, we plan to auto-enroll an additional 150 million Google users in 2SV and require two million YouTube creators to turn it on."

While some high-profile Twitter accounts were successfully hijacked last year despite having 2FA enabled after attackers gained access to internal admin systems, you should still toggle on 2FA to be protected against less-sophisticated hacking attempts. Despite the meager rate of adoption, Twitter saw a growing number of users who enable 2FA to secure their accounts from hijacking attempts, with an increase of 9.1% from July to December 2020.

Twitter this week announced that it allows users to enroll security keys and use them as the only form of two-factor authentication to secure their accounts. "Security keys offer the strongest protection for your Twitter account because they have built-in protections to ensure that even if a key is used on a phishing site, the information shared can't be used to access your account," Twitter explains.

Just as daleks can't climb stairs and 1960s self-aware computers hell-bent on world domination can't answer the question "Why?" without spontaneously combusting, it seems that robots don't know how to tick. Evidently, neither do I. The Californian robot that is evaluating whether I am also a robot is unconvinced by my ticking.

In an era of keyless entry, connected cars and computerized everything, you'd think that car theft would be a thing of the past. Alas, as cars have gone more high-tech, so have car thieves.

Follow these steps to better protect your Zoom account with a second layer of authentication. Zoom now provides an extra level of security to your account with two-factor authentication.

If you've added two-factor authentication to Bitwarden, but are wondering why it's not working on the desktop client, fear not. I've written about how to enable two factor authentication with Bitwarden, but that only applied to the web interface.