Two-Step Verification Will End Consensual Impersonation

 

A couple of months back, I advocated killing your password policies and applying some other techniques instead to make existing use of passwords more effective (including my hobby horse: take the user-experience sting out of rotating ordinary static passwords by pushing them out to users on an alternate channel, à la activation codes and other OTPs). But adding factors is still a great idea, and the barriers to doing so are falling fast.

 

Read more