searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security
January 25, 2018
Share

Reddit rolls out 2-factor authentication for users

The 234 million or so unique Reddit users are finally getting the option of setting up 2-factor authentication for their account(s).

reddit 2-factor authentication

Why is that important?

With over 540 million monthly visitors, social news aggregator Reddit is one of the top ten most popular websites in the world.

You don’t need to open an account to peruse its content, but if you want to participate in discussions on one of its countless subreddits, you’ll have to create one.

Many users enjoy the relative anonymity that the site offers, but have created a recognizable persona via their username and active interaction on the site, and would hate to see their accounts taken over by attackers.

A long, complex, and unique password does a lot to keep one’s online accounts safe, but 2-factor authentication means that even if the user is tricked into sharing his or her password (or the password has been compromised by malware), an attacker won’t be able to access the account without the second authentication factor.

Reddit 2-factor authentication

The feature can be enabled from the password/email tab in the account’s Preferences menu.

Users have to enable two-factor authentication, verify their email address, enter their password and set up an account on an authenticator app (that supports the Time-based One-Time Password protocol) such as Google Authenticator or Authy.

The whole enrolment process is explained in detail here.

The option of creating backup codes is also offered, in case users lose their smartphones and therefore can’t enter the required code/second authentication factor on login.

The feature has been already tested by beta testers, moderators, and third-party app developers, and most of the bugs are likely to have been splatted by now. Still, some users have taken upon themselves to point out some things that could be done better or could become a problem.

Others have lamented the lack of a “remember this device” option. As things stand now, users who enable 2FA will have to enter the second factor each time they log into the account – and that can become tiresome enough to make them forego that additional security measure.

More about
  • 2FA
  • account protection
  • reddit
  • social media
Share this

Featured news

  • A common user mistake can lead to compromised Okta login credentials
  • A closer look at TSA’s new cybersecurity requirements for aviation
  • Best practices to secure digital identities
How to protect online privacy in the age of pixel trackers

Sponsored

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

How to scale cybersecurity for your business

Don't miss

A common user mistake can lead to compromised Okta login credentials

A closer look at TSA’s new cybersecurity requirements for aviation

Best practices to secure digital identities

These 15 European startups are set to take the cybersecurity world by storm

Enhance security while lowering IT overhead in times of recession

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us