Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

1Password's update highlights the difference between two-step and two-factor verification

Glenn Fleishman | Jan. 30, 2015
An update to 1Password brings time-based one-time passwords (TOTP for short) to its iOS app. A one-time password is typically used as a second element in two-factor authentication (2FA), a subject I've written about many times in this column. But, as noted in a sensible and honest post by AgileBits, 1Password's developer, a second factor isn't always a second factor.

That's a lot of conditions to be met, and I already suggest enabling two-factor authentication for both Apple IDs (and thus iCloud access) and Dropbox to reduce the potential, as both Dropbox and Apple ID provide true second-factor methods.

As with all issues involving weighing risk, you should consider whether the ease outweighs potential exploitation. For you, perhaps true second-factor use is mandatory, and I feel that way for most, but not all accounts. For people you advise informally — family, friends, coworkers — 1Password as a single-source solution that deters remote access could be a huge step up.

 

Previous Page  1  2  3 

Sign up for MIS Asia eNewsletters.