aspose file tools*
The moose likes Meaningless Drivel and the fly likes what sites do you have two factor turned on for? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Other » Meaningless Drivel
Bookmark "what sites do you have two factor turned on for?" Watch "what sites do you have two factor turned on for?" New topic
Author

what sites do you have two factor turned on for?

Jeanne Boyarsky
author & internet detective
Marshal

Joined: May 26, 2003
Posts: 30764
    
156

Up until today, I just had gmail. Today, I turned it on for github, paypal, dropbox, linked-in and yahoo. I didn't turn it on for twitter because it breaks the blackberry app.

Does anyone have experience with two factor on any other sites?


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
My company uses it for the admin web app for Amazon Web Services. It uses Google Authenticator and is real easy to use.


Ping & DNS - my free Android networking tools app
Jesper de Jong
Java Cowboy
Saloon Keeper

Joined: Aug 16, 2005
Posts: 14270
    
  21

I have it on for Google and recently I enabled it for Github and Twitter. I didn't know Paypal, Dropbox and LinkedIn have it too, I'm going to enable it for those accounts too.


Java Beginners FAQ - JavaRanch SCJP FAQ - The Java Tutorial - Java SE 8 API documentation
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Yeah, I've just enabled it for PayPal as well. Thanks Jeanne.
margaret gillon
Ranch Hand

Joined: Nov 12, 2008
Posts: 318
    
    6

Today I am changing a lot of passwords (sigh).

It seems that a while ago one school of thought to cut down on malware and protect passwords was to disable cookies. I usually set my browsers to clear all cookies and caches when I am done with the browser (firefox). Is this thinking outdated? For the two factor sites ( and perhaps everything else, too ) should I allow cookies? I am guessing the factor that authenticates the machine is using cookies.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Two factor has nothing to do with cookies. There may be sites that do not work with cookies disabled altogether, but that's a minority. I think setting the browser to accept cookies, but to delete them upon exiting is a reasonable policy. It robs of you of some convenience (making you log in to various sites every time you start the browser), but provides some extra security.
margaret gillon
Ranch Hand

Joined: Nov 12, 2008
Posts: 318
    
    6

Two factor has nothing to do with cookies.


Ulf, thanks for clearing that up.

So sites that identify the machines i work on, like my bank's web site, are storing the machine information in their system? If so then why does my bank stop me from logging in every couple months because it doesn't recognize my machine , even though it is the same computer I have used for a several years?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
A server may use cookies to substitute for one of the factors, provided you have successfully used a web password to log in at some point. But the fact that you have a password to log in is independent of the fact that this login may be remembered via cookies. Two factor auth relies on the password as one factor, not the fact that this password login was remembered via cookies.
Todd Placher
Greenhorn

Joined: Dec 21, 2009
Posts: 6
    
    1
Does anyone have a good site or compilation of sites that offer 2-factor?
Jeanne Boyarsky
author & internet detective
Marshal

Joined: May 26, 2003
Posts: 30764
    
156

Todd Placher wrote:Does anyone have a good site or compilation of sites that offer 2-factor?

The most comprehensive list I found was on lifehacker.
Todd Placher
Greenhorn

Joined: Dec 21, 2009
Posts: 6
    
    1
Actually the lifehacker article had a link to an even better one then lifehacker: http://evanhahn.com/2fa/

 
wood burning stoves
 
subject: what sites do you have two factor turned on for?