Jun 7, 2013

LinkedIn and Evernote Add Multifactor Authentication

Popular note-keeping app Evernote and professional network LinkedIn have both announced within the last week that they now support multifactor authentication. These additions come as part of an increasing industry trend of popular sites and services offering multifactor (or two factor) authentication for users to increase protection of their accounts.

For Evernote, users with the Premium or Business-level service can enable the new multifactor authentication option in their Evernote Web Account Settings. After entering their account username and email address to login, a six-digit code will be sent to their phone via text message that they must also enter before gaining access to the account. Alternatively, users can utilize Google Authenticator to generate the codes. See their recent Evernote Talk episode for more details.
For LinkedIn users, multifactor authentication, or two step authentication, can be enabled in account settings. A six-digit code is sent via SMS to the designated phone, which must then be entered after the username and password before a user can gain access to the account. Their slides on their recent blog post provide more in-depth set-up instructions.

Unlike Twitter, the implementation of multifactor authentication will be easier for brands on LinkedIn because they allow individual users with their own personal accounts to be "admins" of a company page, rather than restricting a company page to a single user login.

Nonetheless, we applaud these companies for releasing two step authentication. And while it's commendable that these services are being proactive and responsive, brands and individuals also have a responsibility to follow best security practices, which includes the use of a password manager and following through on enabling available security options. There is now a growing list of services implementing improved security options for their users, and we hope companies and individuals alike take advantage of these new features to better protect their accounts - and their critical data. If you haven't already, be sure to check out the multifactor options that are also available for your LastPass account.

Have a question you'd like to see answered by the LastPass team in a blog post? Let us know in comments or send us a note at marketing[at]lastpass.com. If we choose your question, you'll get a Tshirt!

4 comments:

  1. While I am glad they are offering two factor authentication, I really don't like the phone method and would prefer to have an option for YubuKeys as well.

    ReplyDelete
  2. I used to have a YubiKey but I find Google Authenticator on my phone much more convenient and it's also compatible with LastPass, DropBox, Google of course and now Evernote. It wins for me.

    ReplyDelete
    Replies
    1. Agreed. Yubikey is great, but what if you leave your Yubikey in another room. Then you have to go find it. Most of us have our cell phone with it all of the time, so google authenticator is the best solution IMO.

      Delete
  3. Wish they used Google Authenticator instead.

    ReplyDelete