twostep
Latest
Google improves two-step verification on phones
Last summer Google introduced phone prompts as a way of approving sign-in attempts protected by two-step verification. Instead of an email or text, users receive a simple pop-up alerting them to a new sign-in request. While useful, there wasn't much information on the card, save for the location and device being used. Now, Google is refreshing the feature, adding more details about the associated time, location and hardware. As Android Police notes, the wording has also been adjusted slightly in the prompts, from "no" to "no it's just me." It's a small change, but one that should help privacy-conscious users distinguish friend from foe.
US government agency calls for the end of SMS authentication
The US agency that sets guidelines and rules in cryptography and security matters is discouraging the use of text messaging in two-factor authentication. In the latest draft of its Digital Authentication Guideline, the National Institute of Standards and Technology (NIST) states that "[out of band authentication] using SMS is deprecated, and will no longer be allowed in future releases of this guidance." Out of band authentication means utilising a second device to verify your identity.
Microsoft leak details plans for two-step authentication process
Smoke goes up. Lights fade. The crowd roars. It's 2003, and the Dave Matthews Band is about to perform what would go on to become the theme song for security processes the world over a decade later. Weird visualizations aside, it sure seems as if two-step authentication has become all the rage these days. With Google implementing the process in 2011, both Apple and Dropbox have followed, and Evernote has made clear that it's going to join the fray as soon as feasible. Now, leaked imagery is demonstrating that Microsoft might not be far behind, with a two-step verification process evidently planned for its online services. As you'd expect, the process should work pretty simply once it's instituted -- you'll need to enable two-step on your account, and then use an app on your mobile device to retrieve randomized keys when logging into a computer that's not on your trusted device list. Notably, the process isn't expected to work with linked accounts, and while a Windows Phone app appears to already be floating about, there's no word on whether Android, BlackBerry or iOS users will receive the same courtesy. Till then, keep your passwords guarded. And, of course, watch the video embedded after the break.
Samsung's SCH-r470 TwoStep now official on US Cellular
We had an inkling that Samsung's SCH-r470 was headed for US Cellular, and without getting all melodramatic, we'll just inform you that it is. The surprisingly stylish flip phone, more enjoyably called the TwoStep, features a 1.3 megapixel camera, a multimedia player, stereo speakers, a microSD card, Bluetooth, Burnt Orange / Red / Purple hues and a battery good for up to three hours of talk time. Anxious to get your mind around prices and specs? Tough luck.
