To Do The Two-Factor Authentication Or Not

Please visit your settings page and make sure you have enabled two step authentication. This makes your account more secure and can help you regain access to your account using your phone in case you forget your password.

This message appeared in the admin panel here on this site a few days ago. I am not sure whether I have found the same link now, but this page on WordPress explains all about two step authentication.

Having read it, the thoughts that are going through my mind are:

1. So the back-up plan behind the two-step plan is to write a 10-character ‘non-password’ and keep it safe.

2. I have a plugin named ‘limit login attempts’ on all of my self-hosted sites. Before I installed it I had no idea how many attempts there were at brute-force logins. I was astounded (yes, ‘rocked back on my heels’ astounded) at the number of attacks each day. A whole laundry list of attempted forced logins each day.

So the question is, what does Automattic (the maker of WordPress) have secretly tucked up its sleeve that limits bad login attempts? I guess I could test it on a test site to see whether I get locked out.

3. Should I play the ‘social proof’ game and wait for everyone else to do it first?

4. I was wondering whether setting up two step authentication would somehow interfere with Google logins because it’s a Google authenticator and Google using two-step authentication for Gmail login.

5. Have I secretly done it already, and I’m just now saying?

6. Do they need to do a bit of grammar/syntax/nomenclature housekeeping?

The article says “To add another layer of home security, you can now enable Two Step Authentication, also known as Two-Factor Authentication…”

The article uses both interchangeably but in either case if the words are a compound adjective describing the kind of authentication, then shouldn’t ‘two step’ be hyphenated, as in ‘two-step authentication’ just like they have ‘two-factor authentication’?

2 thoughts on “To Do The Two-Factor Authentication Or Not”

  1. I have yet to familiarize myself with this. For a while I had it set up with Google/Gmail but for the time being, I’ve disabled it.

    Scary, about the number of log-in attempts. The meanness of this world….

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s