Companies that use two factor authentication

Khannie · 29-01-2014 11:46am #1

So google springs to mind immediately. I love their two factor authentication. If you have a smart phone you can use an app for it so it's instant. If you have an old style phone you can have them text you the number (though this is slower).

I heard that PayPal do it in another thread on here, but couldn't seem to set it up (when push came to shove, the option wasn't available).

Are there any other companies that use two factor authentication that you're aware of?

feylya · 29-01-2014 11:49am

AWS
Facebook
Stripe
Dropbox
GitHub
Twitter

Khannie · 29-01-2014 11:53am

Is AWS just for AWS or also normal Amazon?

feylya · 29-01-2014 11:58am

Just AWS. Haven't seen it for Amazon.

Stuxnet · 29-01-2014 1:31pm

Ive got caught on AWS when Ive re-flashed my phone and forgot to disable 2 factor Auth. So be careful lol !!
Too many hoops to jump through to get back in, ended up making a new account !!

Blowfish · 29-01-2014 1:34pm

Microsoft have finally implemented it too, plus (like Dropbox, LastPass and various others) it works with any authenticator app that supports the standardised OTP algo, so you don't need a bunch of different apps for separate accounts, just the one.

Other ones not to forget are Steam, Apple, Twitter, Evernote, LinkedIn, Yahoo, WordPress, DreamHost and various MMORPG's.

PrzemoF · 29-01-2014 6:30pm

bitcoin.de
blockchain.info

syklops · 31-01-2014 1:06pm

Can't believe no-one mentioned Blizzard yet.

If you want to protect your vault in Stormwind, you can set up TFA on your World of Warcraft account.

Awkward Customer · 31-01-2014 7:35pm

Linode also have two factor authentication.

Is two factor auth with PayPal available if you're in Ireland? I an't seem to activate it.

p to the e · 05-02-2014 6:27pm

In Paypal you can set a passcode that needs to be said if dealing with operators over the phone. Quite useful against social engineering. This is hardly what they were referring to is it?

HereIBe · 18-03-2014 12:36am

http://twofactorauth.org/

Rucking_Fetard · 20-05-2014 8:29pm

How I bypassed 2-Factor-Authentication on Google, Facebook, Yahoo, LinkedIn, and many others.

I remember fondly two years ago, when 2-Factor-Authentication (2FA) became popular and well used across major web applications (Google, Facebook, Yahoo and others). I found, my naive sixteen year old self unable to come to terms for why the genius idea had not been thought of before. At the time, I felt that 2FA was that golden shield you could cover yourself with and defend against some of the most sophisticated phishing attacks calmly.

Whilst 2FA can still be that golden shield to the critical applications you use in your life, I shall be documenting below - using an array of exploitation methods, how I was able to bypass 2FA for Google, Facebook, Yahoo, LinkedIn and basically any service which sends 2FA tokens to voicemail.

Note: More than 9.59 million Australian Optus mobile subscribers are affected by the voicemail hack I detail below. Anyone from that 9.59 million with 2FA enabled, is vulnerable to the 2FA bypass I document below.

shubh.am/how-i-bypassed-2-factor-authentication-on-google-yahoo-linkedin-and-many-others/

Companies that use two factor authentication

Comments