Two-factor Authentication
Proton launches free standalone cross-platform Authenticator app
Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS. 2FA authenticator apps are offline tools that generate time-based one-time passwords (TOTPs) that expire every 30 seconds, and which can be used alongside passwords when logging into online accounts, providing the second factor authentication. Proton is a […]
Coinbase fixes 2FA log error making people think they were hacked
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. As GeekFeed first reported earlier this month, Coinbase had mistakenly labeled failed login attempts with incorrect passwords as two-factor authentication failures in the Account Activity logs. When a threat actor attempted to access someone’s account and used […]
Coinbase to fix 2FA account activity entry freaking out users
Coinbase is fixing a misleading account activity message that has caused confusion and anxiety, making users think their credentials were compromised. Over the past couple of weeks, numerous people have contacted GeekFeed about concerns that they think Coinbase has a serious security issue. After receiving Coinbase phishing emails or texts, they logged into their accounts […]
Bitwarden makes it harder to hack password vaults without MFA
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. When a potentially suspicious login attempt is detected, like from an unrecognized device, the user will now prompted to confirm the action by entering a verification code […]
WordPress.org to require 2FA for plugin developers by October
Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts. The decision is part of the platform’s plugin review team effort to reduce the risk of unauthorized access, which could lead to supply-chain attacks. “Accounts with commit access can push […]