Do You Use Two-Step Verification? [MakeUseOf Poll]

polls   Do You Use Two Step Verification? [MakeUseOf Poll]Last week we asked you how many monitors you use in your current setup. Thanks to the great turnout of voters, it was possible to get a pretty clear picture of the most popular setup. Can you guess what it is?

Out of 624 votes in total, 2% use five monitors or more in their setup (awesome!), 4% use four monitors, 19% use three monitors in their setup, another 19% use two monitors, one of which is a laptop, 20% use one single monitor, and the majority of the voters, 36%, use two monitors in their setup. Are you surprised?

Full results and this week’s poll after the jump.

Don’t forget to check out last week’s best comment by Ben Wilson, who took the time to tell us all about his setup, and won 150 reward points for his effort!

image   Do You Use Two Step Verification? [MakeUseOf Poll]

This week’s poll question is: Do You Use Two-Step Verification?

Want to make some extra MakeUseOf reward points? The most useful comment on the poll will be awarded 150 points!

More and more services are introducing two-step verification into their login process. It started with Google and Facebook, continued to Dropbox and Apple, with Twitter and LinkedIn joining the party only recently. Two-step verification, also known as two-factor authentication, is a security method which divides your login process into two steps: the first, enter your username and password; the second, enter a code sent to you via text message or a specialized app. Enabling this service makes it harder to break into your accounts, but also makes logging in more of a hassle. What’s your view on this?

What are the reasons to use or not use two-step verification? Tell us all about it in the comment below.

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

30 Comments -

RĂ©y AĂ©tar

a bad headache when operators delivers sms after hours and if dnd is activated or if my phone is not with me

1hegame

yeah that’s true. you better always use phone call as verification in this case if the provider offers it.

Sylvio Haas

Dropbox, for example, shuts one door but leaves the other open. When someone tries to reach my Dropbox files when browsing, there is the protection of the two step verification, but if someone uses my pc, either a friend or a thief, he wil reach my Dropbox files from inside.

1hegame

I have locked my local Dropbox with folder locker. For the web interface, you have to think the ways how you can protect it. Like by using KeePass instead of LastPass or SlashDot and clearing cookies before handling the PC to someone.

Sylvio Haas

Tks for your comment. Anyone who clicks on the Dropbox icon at the system tray (near the watch) will reach the Dropbox site. That is what I was trying to avoid. As you said, the folder may be locked, but what about this access I’m mentioning? (Sorry for my English, I’m from Brazil)

julien c

It would be nice to have software two-factor auth, as with sms two facot aut, if you lose phone service you can get locked out of what you need to log in. Also with sms texting you would be using alot of sms which unless you have a unlimited plan isnt the most efficient way to be secure.

Max

5+ MONITORS!?!?! How crazy are you people??

Rajaa Chowdhury

Yes, I am a freelance consultant and also the administrator for Google Apps for Education with a renowned University in my city. I have implemented and we use the 2 step verification for Google Apps.

1hegame

Mine is second.

1hegame

“but also makes logging in more of a hassle” It does not make.

Junil Maharjan

two-step verification has become an essential part of the daily internet usage for me. it offers a better security that makes me feel much safe from unwanted usage of my accounts. in this time of technology where many hackers are creating chaos by using stolen identities and accounts, its hard to stay safe but at least the two-step verification is a much better alternative that i can think of.

Pooky Joralyn

I did use this feature in Facebook before, but stopped because of the hassle when logging in from many different browsers and apps. Sometimes the SMS carrying the code never reaches me.

Adrian Barat

It’s important for me to use 2 step verification process. Makes me feel more secure, especially for important account, but not to many services offer this option unfortunately.

Rob H

I recently had the dubious pleasure of trying to help a holiday rental villa owner facing the problem of someone using her email account to masquerade as her. The hacker intercepted booking requests and negotiated villa rental and payment to themselves. They gave people a “special offer” of a very big discount if they made immediate payment.

Unfortunately she disregarded my advice (to use a strong password and 2 factor authentication) and got hacked again. She then declared that “Gmail is insecure” – and moved to something less secure!
My assessment was that as she was using webmail from mobile devices, using “public” WiFi and in internet cafes while travelling, the risk of password capture was above average.

The advice to “use a secure password” is widely disregarded but is in any case rendered worthless if a hacker is able to capture the password.
It doesn’t even need “social engineering” to get some folk to disclose their password, some will give it to a stranger in a public place “doing a survey” especially if completing the survey involves a reward.

Accessing email in insecure ways like a public WiFi network, a private WiFi network which is not secured or in an Internet Cafe can make it easier for hackers to capture the password.

In the example I referred to, the way the hackers were using the account was quite subtle and not likely to be spotted by the true account owner. They left little trace of their activities unless you knew where to look. I don’t want to give details because that would make it easier for others to copy the techniques.

A common attitude to email security is that “there’s nothing in my email account that would be of use or interest to anyone else”. Not true. All of us are at risk from the scam when everyone in your address book gets an email apparently from you and asking for an urgent loan (3000 euros seems to be the popular figure, to be sent by Western Union) because you’re in trouble on an overseas holiday (in hospital, robbed, car impounded). I have personal knowledge of several instances of this among friends and family so it’s not just a theoretical risk.

The bad news is that 2 step verification is a nuisance – but then so is setting the burglar alarm on my house when I go out. “It’s a nuisance” is not a good reason not to do it.

One overlooked advantage of 2 step verification is that, despite all advice, many people use the same password for email and loads of other online services. While that advice remains valid, 2 step will ameliorate the risk of disregaring it a little.

dragonmouth

” I don’t want to give details because that would make it easier for others to copy the techniques.”
While that may be true, it would also make it easier for others to secure their accounts or discover how they were scammed.

Rob H

Maybe but also rather long boring (ok… like most of my posts!).

James Howde

The main thing that comes out of the two polls mentioned on this page is how little people who answer poles at MakeUseOf resemble the general population.

I’d say (based I’ll admit on no scientific evidence) that 90% of computer users use one monitor rather than the 20% indicated in the poll.

Yaara Lancet

There’s no doubt that MakeUseOf readers do not represent the general public in any way. You can take this pretty far. If you look at the general world population, there are lots of places where people don’t even own computers, let alone two monitors.

These polls were never meant to give an idea about the general population, they’re meant to give an idea about our readers, and that they do. :) Thanks for the feedback!

Andy Liu

I don’t use any two step verification because somehow I don’t want the services to hand out my telephone numbers to all my ‘friends’ handily. Also, I use a 15 characters alphanumeric symbol passwords for most important accounts. Only for financial institutions would I share my phone numbers.

Rob H

Two step verification doesn’t “hand out your telephone number”.

All a complicated password does is make it harder to guess or break with SOME techniques like dictionary attacks.
It doesn’t matter how complicated your password is if it gets hacked by a keylogger, via insecure WiFi or some other hacker techniques.

null

I use it on my bank account and also for my email service. If other sites offer it, I am unaware of their protection. I would use it if I knew it was offered.

ANKUR T

i feels it good when u r on outside home, inside home i do not like it

Catherine M

As someone who does not text – that’s right, my phone does not receive text – I am limited by one-step authorization. I will be upgrading my phone within the next year and then expect to engage some of my online accounts to two-step authorization.

Ryan Grassfield

I know that for me, two step verification with Google doesn’t seem to work half the time. I have tried it and most of the time it doesn’t send me a code.

likefunbutnot

I do not. Calls and SMS messages (and I have a whitelist of people who can SMS me anyway) to my phone number are delivered via Google voice to my email and/or the Google Voice app so that I don’t have to live my life tethered to a telephone in the first place. My phone isn’t particularly a unique identifier for me. I do have strong passwords and in some cases limit my access to certain online accounts to specific trusted computers, but I think two factor authentication is more hassle than it’s worth in my case.

doho

The main reason I don’t use two-step verification is that for some reason they require you to have an expensive smartphone and a monthly bill.

Rob H

You do not need a phone, you can print off a list of one-time codes to keep in your wallet instead.

Julie Smith

You only need a smartphone if the service requires a code from an authentication app. Many services also support SMS as the 2nd factor. In that case, any phone capable of receiving an SMS message can be used. Depending on your country and carrier, this can be done quite cheaply. A friend in Australia has an old Nokia phone on a Virgin prepaid plan which costs only $15 for 180 days.

Tayo Banjo

It is a good security practice. E.g. it makes my inbox access 99.9% secure .

Matthew Steffen

Yes, I use 2 step verification and i appreciate this because it is safe and also prevent id from hacker.