After a scare having to do with email, and reading Mat Honan's tale and
subsequent expertise, I finally converted to Google's 2-step (2-factor)
authentication.

Kinda an adventure.  But so far so good.  Thanks Sam for sorta kicking me
off the ledge.

Google did an amazing job of making it approachable:

- Trusted: You can specify computers that are "trusted" thus only have to
do vanilla logins.  This means my Air and Mini don't have to do further TFA
.. after doing it just once.

- Mobile/Apps: Google offers an interesting stunt: App Specific Codes.
 These are hash-like passwords for mobile and desktop apps that depend on
Google but can't do the 2-factor login.  You simply specify a name for apps
that need this (for me, Mail.app, iCal, iPhone apps and more as I discover
them) and are given a new password for them to use.  Magic.

- Authenticator: Google initially has you depend on SMS or Voice mail to
send you the 30-second, 6-digit PIN implementing the second factor.  But
you can also download an app for smartphones that acts like RSA cards,
giving a new PIN every 30 seconds.  It's great because it works without the
network, and also is simpler to use.  Also solves the "mobile" problem
traveling to Europe .. you can get a euro-SIM and not be cut off.

So the experience is pretty much as before after "registering" my trusted
devices and App Specific Codes.  All work only on things "I have", thus the
second factor.

I'll try this for a month while upgrading passwords elsewhere .. then I'll
one-by-one start 2-factor on Dropbox, PayPal, Schwab, Facebook (which I may
just kill), AWS and finally, Wordpress (if I haven't migrated it to
JavaScript).  I'm hoping 2-factor will take off so that every month I'll
have a new one to consider!

   -- Owen
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
