02-10-2011, 12:13 PM
|
#1
|
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
|
Google adds 2 step authentication
http://lifehacker.com/#!5756977/set-...google-account
Pretty good idea, your email is one thing that will unlock access to many other things (via password resets).
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
|
|
|
02-10-2011, 12:17 PM
|
#2
|
Redundant Minister of Redundancy
Join Date: Apr 2004
Location: Montreal
|
Good idea.
Also, for those who don't know, there's an option "always use https" in the settings. It's a good idea to enable this.
|
|
|
02-10-2011, 12:19 PM
|
#3
|
CP Gamemaster
Join Date: Feb 2010
Location: The Gary
|
It's a great idea. The mobile authenticator for World of Warcraft is quick and painless and I imagine this will be identical.
I'm so used to entering the authenticator code for WoW that I will probably add this to my gmail.
|
|
|
02-10-2011, 12:22 PM
|
#4
|
Franchise Player
|
Must be a phased roll out as I don't have that option in my Google Account page.
|
|
|
02-10-2011, 12:25 PM
|
#5
|
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
|
Yeah sorry forgot to say it was a phased rollout.
Also remember to have some kind of alternative method in case your phone gets stolen.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
|
|
|
The Following User Says Thank You to photon For This Useful Post:
|
|
02-10-2011, 07:49 PM
|
#6
|
Franchise Player
Join Date: Dec 2003
Location: Sunshine Coast
|
Quote:
Originally Posted by BlackEleven
Good idea.
Also, for those who don't know, there's an option "always use https" in the settings. It's a good idea to enable this.
|
For anyone using Hotmail, there is way to enable https for your log in, in this article on sidejacking.
http://askbobrankin.com/wifi_sidejacking.html
|
|
|
02-11-2011, 09:56 AM
|
#7
|
Dances with Wolves
Join Date: Jun 2006
Location: Section 304
|
I'm trying to think of what would happen if somebody got into my google account. I try hard to ensure there is no sensitive information in there. I suppose other people may have emailed me things in the past that they shouldn't have, but I don't see anything dangerous personally.
|
|
|
02-11-2011, 10:16 AM
|
#8
|
Lifetime Suspension
Join Date: Sep 2005
Location: The Void between Darkness and Light
|
I am assuming the "S" in https is 'Secure'?
|
|
|
02-11-2011, 11:08 AM
|
#9
|
Franchise Player
Join Date: Nov 2006
Location: Supporting Urban Sprawl
|
Quote:
Originally Posted by Flash Walken
I am assuming the "S" in https is 'Secure'?
|
Good assumption.
Basically it is http over a encrypted connection that verifies to you that the website you are talking to is what it says it is.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
|
|
|
02-11-2011, 11:12 AM
|
#10
|
Redundant Minister of Redundancy
Join Date: Apr 2004
Location: Montreal
|
On the topic of https, there is a Firefox plugin called https Everywhere. For any site that uses both http and https, it will use https.
http://www.eff.org/https-everywhere
It's useful for sites like facebook that default to http for login.
|
|
|
The Following 2 Users Say Thank You to BlackEleven For This Useful Post:
|
|
02-11-2011, 11:29 AM
|
#11
|
Scoring Winger
Join Date: Jul 2010
Location: Nice try, NSA
|
What I really do not like about this is the necessity to give my home phone number or my cell phone number to Google. What does that have to do with email?
I understand the sentiment, but part of the reason I like services like gmail is that I can have an email address with absolutely no ties to my real life.
Also, good for security, PITA for quickly getting stuff done.
__________________
@crazybaconlegs ***Mod edit: You are not now, nor have you ever been, a hamster. Please stop claiming this.***
|
|
|
02-11-2011, 01:53 PM
|
#12
|
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
|
Quote:
Originally Posted by Russic
I'm trying to think of what would happen if somebody got into my google account. I try hard to ensure there is no sensitive information in there. I suppose other people may have emailed me things in the past that they shouldn't have, but I don't see anything dangerous personally.
|
1) Search email to see if there's any emails from any financial institutions, investment brokerages, facebook, paypal, etc etc.
2) Go to previously found sites, click "I forgot my password, email it to me"
3) Get password, login.
If you don't have any signups for other sites, or use unique email addresses for each one, or other stuff then it might not be an issue, but for some getting access to email could turn bad fast.
Quote:
Originally Posted by Crazy Bacon Legs
What I really do not like about this is the necessity to give my home phone number or my cell phone number to Google. What does that have to do with email?
|
It gives them a 2nd way to authenticate your identity. That's the whole point behind 2 step authentication.. if someone cracks your password so they can steal your identity and sell it to someone so they can get fake credit cards to buy drugs or whatever (a typical scenario), they won't have access to your sms or your home phone so the 2 step authentication will fail.
If you don't need that level of security on your email, you don't need this.
Quote:
Originally Posted by Crazy Bacon Legs
I understand the sentiment, but part of the reason I like services like gmail is that I can have an email address with absolutely no ties to my real life.
|
Then this wouldn't matter to you. Some people have their work email through Google and have company info in their emails, so this would be important.
Quote:
Originally Posted by Crazy Bacon Legs
Also, good for security, PITA for quickly getting stuff done.
|
That's always how it is with security, it's a tradeoff.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
|
|
|
The Following User Says Thank You to photon For This Useful Post:
|
|
02-11-2011, 02:30 PM
|
#13
|
Dances with Wolves
Join Date: Jun 2006
Location: Section 304
|
Quote:
Originally Posted by photon
1) Search email to see if there's any emails from any financial institutions, investment brokerages, facebook, paypal, etc etc.
2) Go to previously found sites, click "I forgot my password, email it to me"
3) Get password, login.
|
Hmm ... never thought of that. Great point.
|
|
|
02-11-2011, 02:43 PM
|
#14
|
First Line Centre
|
A Google account can be used for a ton of personal information. A lot of people don't realize that Google has been storing your search history while logged into your gmail account, even if you haven't activated the feature. Someone can go in, activate it, and see what you've searched. Even if you don't have any emails from your bank, but you've searched it, someone can look up and see if you've ever searched for a financial institution.
|
|
|
02-13-2011, 07:26 PM
|
#15
|
Lifetime Suspension
Join Date: Oct 2010
Location: Calgary
|
saved search history? that seems kinda sketchy
|
|
|
02-13-2011, 08:56 PM
|
#16
|
Franchise Player
Join Date: Dec 2003
Location: Sunshine Coast
|
|
|
|
The Following User Says Thank You to Vulcan For This Useful Post:
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -6. The time now is 09:06 AM.
|
|