TeleSign launched Turn It On, a new campaign featuring a guide to two-factor authentication and providing step-by-step instructions for turning on 2FA for over a 100 popular social networking, banking, cloud computing and other online services that offer the 2FA option.
“The number one tip most experts give for increasing account security and stopping the fallout from data breaches is to turn on two-factor authentication,” said Steve Jillings, CEO of TeleSign. “Yet our research shows that the majority of consumers (61 percent) do not know what two-factor authentication is, even though it’s available on almost every account, free to the consumer and just waiting to be turned on.”
In an effort to bridge the gap between consumer concern and an effective and readily available security measure, TeleSign has launched the Turn It On campaign.
The guide currently includes instructions for the following services:
Backup and sync: Dropbox, Evernote, Google Drive, AeroFS, iCloud, Box, OneDrive, Revert, Tresorit, Yandex.Disk, Zetta.net.
Financial: Barclays, Bank of America, Discover, Chase, Fairwinds, HSBC, USAA, Wells Fargo, Ally Bank, Natwest UK, SEB.
Cloud computing: Clio, Amazon Web Services, Cloud 66, Google Cloud Platform, Microsoft Azure, Packet, Rackspace,
Communication: Basecamp, Campfire, Mailchimp, Salesforce, SendGrid, Office 365, Skype, Slack.
Cryptocurrencies: BitBay, Bitcoin-Central, BitGo, Bitstamp, Blockchain, Coinapult, Coinbase, Justcoin Exchange, LocalBitcoins, WeMineLTC.
Developer: Aha!, GitHub, Launchpad, Looker.
Domains: CloudFlare, Directnic, DNS Made Easy, Domeny.tv, Dyn, Dynadot, easyDNS, Gandi, GoDaddy, Hover, Internet.bs, InterNetworX, Metaname, Namecheap, Name.com.
Email: Gmail, Hushmail, Outlook, Pobox, Posteo, Yahoo, Zoho, FastMail.
Gaming: Blizzard, Enjin, Guild Wars 2, Origin, Runescape, Star Wars: The Old Republic, Steam, Trio Worlds, Square Enix.
Government: US Social Security Administration.
Hosting: Rackspace, Dreamhost, DigitalOcean.
Identity management: Bitium, MyDigipass.com, Okta, OneLogin.
Investing: E*Trade, Motif Investing, OptionsHouse, Interactive Brokers.
Payments: Buycraft, Google Wallet, PayPal, Skrill, Stripe, Venmo.
Remote access: Amazon AWS WOrkSpaces, LogMeIn, TeamViewer.
Shopping: Apple, eBay, Etsy.
Social Media: Facebook, Bitly, App.net, Buffer, Google Plus, Hootsuite, Tumblr, Twitter, VK, WordPress, LinkedIn.
But the list will likely grow, as users are welcome to suggest sites for inclusion.
The company also released its new Consumer Account Security Report, revealing that 70 percent of consumers lack a high degree of confidence that their passwords can adequately protect their online accounts. Additionally, about the same amount (72 percent) are in search of additional help to secure accounts.
Commissioned by TeleSign and conducted by Lawless Research, the survey polled 2,000 consumers in the US and the UK and revealed that while concerns around online security and password strength persist, ‘password fatigue’ among consumers is rife. 21 percent of consumers use passwords that are over 10 years old, pre-dating the launch of Twitter, YouTube and many online banking services.
Meanwhile, almost half (47 percent) rely on a password that hasn’t been changed for five years. Worryingly, a staggering 73 percent of online accounts also use duplicated passwords – with an average of just six unique passwords being used to protect 24 online accounts. This trend leaves people exposed to the ‘domino effect’ – where a hacker compromises a user’s password for one service to access all of their accounts.
On the upside, findings show that consumers are eager to learn about online security. In fact, 72 percent would welcome advice on how they can better protect their online accounts. The majority of consumers (68 percent) also want companies to provide an extra layer of security to keep their online accounts safe. But, in spite of this desire to learn and improve their online security, six in 10 are still not leveraging the markedly improved security that 2FA can deliver. The top reasons consumers gave for not enabling 2FA are that they don’t know how to set it up, don’t know what it is or that companies don’t offer it.
Additional findings from the report include:
- In the past year, 40 percent of consumers experienced a security incident (received a notice that their personal information had been compromised, had an account hacked or had a password stolen) and 70 percent changed their passwords in response.
- Most people (61 percent) use password-only account protection
- More than half of consumers (54 percent) use five or fewer passwords across their entire online life, while 22 percent use just three or fewer
- The US shows a significantly higher anxiety about online security incidents than the UK, with 56 percent of American consumers very concerned compared to just 35 percent in the UK
- 86 percent of people that are using 2FA believe it makes their online information more secure
- Websites are increasingly providing two-factor authentication options to better secure accounts, but users are often required to find the feature and ‘turn it on’ themselves.