Facebook, twitter, amazon, ebay etc all use HTTPS to sign in.
I read it was very easy for a third party to be recording passwords that are entered when HTTPS is not used.
This could be a way getting users passwords which they may also use for other sites including commerce.
Interesting system. I assume the back up codes are only in case I get a hacked or loose my password? I feel like I wasn't paying attention. Edit: just read it again so yes. See I was paying attention.
I used the email system. Worked fine. Does the app path support all mobiles (blackberry and windows) or just Andriod and iOS?
I've written the backup codes down in my little book of passwords. Which if it ever gets stolen will mean I am totally stuffed. I've been thinking of labelling my little book with a sticker to dissuade all interest in its contents. Some thing like 'Research notes into political and economic theory and forecasts on a post democratic society entering Oligarchy'
Well thats weird. Just got asked for a code to log in that was sent to my email address. If that's going to happen every 30 days I think I will disable the two step thing.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.