latest
Google passkeys will replace passwords — here's how to set them up
Passkeys are faster, stronger, and more protected than passwords. Here's why they're the future of personal login security
Are you tired of passwords? We're tired of passwords, even when they're made easier with a password manager app. Companies like Google are tired of passwords because they create too many potential vulnerabilities for user security. Everyone knows it's a problem. And now, a solution is on the rise. Welcome to the world of passkeys.
How to activate two-factor authentication on your Google account
Add an extra layer of protection to keep your personal data secure
With character-based passwords being the weakest link of the security chain, it's time we got more serious about protecting our online accounts (if you want to get serious about a new phone, we can help you). Two-factor authentication (2FA) is the stopgap between character-based passwords and a passwordless future. Many companies have adopted 2FA, which is necessary to keep up with the increased security demands of the modern era. Google is no exception here, as it recently began forcibly enabling 2FA by default for more accounts without users needing to do anything.
The Google Authenticator app is an essential security tool for many people, even as several alternatives currently exist in the market. In May this year, Google introduced the relatively minor "Click to reveal PIN" feature, which hides all two-factor authentication codes from view, allowing users to reveal only the codes they want to use. It seemed like a fairly innocuous inclusion, considering that 2FA codes change every 30 seconds anyway. But Google apparently doesn't see it that way, as the feature has disappeared from the Authenticator app following an update last week.
Google Authenticator's first update in years tweaks how you access security codes
The minor changes are welcome, but other authentication apps have clearly raced ahead
Google has been a huge proponent in popularizing two-factor authentication to make logins more secure, whether you use an alternate device prompt or a hardware key. However, you could say that the company hasn't exactly been as enthused about its own authenticator app as its last big update came in May 2020. A new update is finally on its way out, and it contains some new, albeit minor features that will layer on extra secrecy when it comes to moving those one-time codes around.
Google and Apple want to make SMS-based 2FA easier and more consistent
The idea is to bring uniformity and curb SMS-based phishing
Both Android and iOS have a couple of solutions baked in to let apps automatically verify your phone number through a single-use passcode sent over SMS. Earlier this year, Apple proposed to standardize the format of these messages to make the process even more seamless. After joining hands with Apple over their contact-tracing tool, Google is now backing Apple's proposal to make SMS OTPs (one-time passcodes) a tiny bit more secure and easier to use.
Twitter has supported 2-factor authentication (2FA) via authenticator apps for quite a while already, but it has always required you to add a phone number to your account for recovery and backup purposes. Since tie-ins with phone numbers tend to add an additional security risk thanks to SIM swap attacks, this wasn't the best solution for everyone, and Twitter has heard its safety-conscious users. It is now possible to secure your account with 2FA without adding a phone number at all.
Google's two-factor authentication hardware key, the Titan Security, has been available in the US for almost a year. After disappearing from the Store for a few months and a Bluetooth flaw that required Google to send free replacements, it's now making its way to four other countries.
Two-factor authentication is something that everyone should have on their Google accounts, but the traditional SMS and Google Authenticator methods can be a bit tedious. Back in 2016, Google added a new two-step verification approval prompt for Android devices that is painless to both set up and use. The prompt has gone through several design revisions since its initial release, and Google is currently experimenting with two new layouts.
Securing your account logins with two-factor authentication (2FA) is a very healthy online habit to get into, but it can be annoying when services decide to only send the codes via SMS. An authentication app isn't only more convenient, it's also safer because regular messages could still be intercepted or forwarded. For a while now, Instagram was one of very few accounts I use that only supported 2FA via SMS, but proper authentication app support was promised recently, and now it appears to be rolling out.
Password managers are becoming more and more of a hot topic nowadays. We live a lot of our lives online and that requires a growing number of accounts and identities; yet with multiplying security risks and hacks popping up left and right, it's crucial to use a password manager to stay on top of your login details. Most managers fall in one of two categories: the cloud solutions like LastPass, 1Password, and Dashlane, or the local solutions with a cloud backup option like Enpass (my personal favorite) or SafeInCloud or Keepass. Myki straddles the line between the two, being neither this nor that, but having resemblances to both, plus some very unique attributes that make it intriguing... very intriguing.
Passwords are not enough to protect your data. That much should be clear after spending any amount of time on the internet. There are constant hacks and leaks of user data, which sometimes lead to cracked passwords floating around in the darker corners of the internet. Two-factor authentication (2FA) can protect your accounts, but not all services make it easy. Until recently, Twitter's 2FA was a pain in the butt, but it added support for authenticator apps a few months ago and didn't tell anyone.
I must reiterate that some of the fields above may be more complicated than they sound and expect quite a bit of information while others may be fairly simple. It's also possible many of them will not have a user interface in the Fit app for either editing or even viewing, so third-party apps may still be the only way to make use of these.
We've known WhatsApp would be enabling 2-factor authentication for many months now, but the functionality has only just gone live in some of the latest beta versions of the app (2.16.341 and above, maybe even earlier).
Read update
The internet is a dangerous place with all sorts of shady people out to get your personal data. One of the best ways to keep your accounts secure is with 2-step verification (AKA 2-factor auth). Google has long supported that feature, but typing in those codes every time you log in can be annoying. Starting today, you can approve account logins from a prompt on your authorized mobile device.
There are a few ways to enable 2-factor authentication. One common approach is to send a text message to your phone containing an authentication token. Another option is to have an app installed that will generate that string of numbers without making you wait.
Protecting your online accounts is important, and 2-factor authentication is the best way to do that. The default method of getting 2-factor codes for most services is SMS, but authenticator apps can be more convenient. Google's own authenticator has been on the Play Store for years, but it's been very ugly until today. This app has finally gotten a material design makeover and a few new features too.
Twitch has been the largest live streaming video platform for quite some time, and now they decided to push out an update that helps users protect their accounts. Two-Factor Authentication is now available on all Twitch accounts.
Mobile payments app Venmo has been around for years now, but without two-factor authentication, security hasn't been as good as it could be. Fortunately the company is now getting around to changing that. Today it announced that it has added two-factor authentication to its mobile apps (Android and iOS) as well as the web.