Recently Twitter rolled out their two-factor authentication service which helps to keep user accounts secure by requiring a secondary PIN code to be entered at login. This second PIN code is texted to a user’s phone at the time of login, and ensures that the account is not accessible to any unauthorized users who make have cracked the password.
Two-factor authentication is just as the name implies; there are two unique factors required to login. In this scenario it is something you know (your password) and something you have (your phone). If you are like me, you always have your phone on you so that added security boost comes at minimal hassle.
I decided to see where else I could implement two-factor authentication and decided to install it on my blog and home server. After a little research I found Duo Security’s Two-Factor Authentication, a simple and powerful FREE service for setting up your own two-factor authentication. The service is very simple to setup and with the help of a WordPress plugin, I was all configured in less than 10 minutes. It works flawlessly and even comes with an iPhone app that makes approving login a breeze.
The service comes with many different install options and has great documentation to support it. The paid services offered are also quite impressive, including custom deployment options and greater login controls. I am quite impressed at how well this method of two-factor authentication is working and I would strongly recommend Duo Security’s service to anyone interested in security.
Check out this short demo video from Duo Security showcasing their mobile app Duo Push.