![]() ![]() Note: Everyone names things differently and pages sometimes change. Setting up secure account recovery is hard enough, but if the account isn't protected from forgotten/stolen/phished passwords, then the entire process becomes moot. I noted the minimum level of security required to access the account, the instances when extra security steps were required (such as during recovery), and additional security features beyond the basic password and two-factor authentication options. I looked at each provider's account recovery process as well as what type of security was in place to protect the account. Cryptocurrency made the list because I wanted to be cool. I included Apple because Apple ID is required for shopping on iTunes and Apple Music. The list included email providers Gmail, Yahoo, and Microsoft's social networking platforms Facebook, Twitter, and LinkedIn tech hubs Reddit and GitHub online retailers Amazon and Apple and cryptocurrency exchanges Coinbase and Kraken. As expected, some had better layers of security than others. So I looked at how 12 popular web services handled account recovery and found slight differences in each of their processes. The extra steps help "recover" the account to its rightful owner: You.Īs a long-time hacker, there is nothing more fun than using the real world as a laboratory. While passwords may be involved, account recovery isn't your basic password reset. We expect to have to take extra steps to identify ourselves as the account owner, but we also expect some level of security to prevent someone else from forging our details. If you’ve ever needed to get back into your account on an online service after changing your email address or getting a new phone, you went through account recovery. He needs a way to prove to the service provider he is really the Hunter Smith in question and not some sneaky imposter. Or he has his password, but he also turned on two-factor authentication on his account and he'd recently changed phone numbers. ![]() To make things worse, he can't reset the password because he originally signed up with the email address for a previous job. Hunter Smith's dilemma should be a familiar one: He forgot his password and cannot access his online account. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |