Passwords play roles in many security incidents. Phishing attacks often seek to collect a target's login information for online banking, corporate or private email, network login, auction or social media sites. In these and other attacks, attackers benefit from how we rely only on a password to access an account or prove our identity.
2-step verification is a more secure form of proving your identity (who you are) than just passwords. In most 2-step verification systems, you register a "trusted device" with an online banking service, blog, or social media provider: this device is typically your mobile phone. When you log in to that service or social media, you verify your identity by entering both your password and a "verification code" that's sent to your trusted device (again, most often your mobile phone). By adding this second step, someone who learns your password for your online banking service, etc., can't impersonate your or access your accounts unless he also has your trusted device. 2-step verification is a good defense against stolen passwords.
The purpose of this post - and the embedded survey - is to learn whether 2-step verification is popular, and where people are using it. A secondary purpose is to raise awareness of 2-step-verification so that more people will be encouraged to use it.
Please take a few minutes to answer the six (6) questions. Share the survey with your colleagues, friends and family members, especially those who are not overly technical. The more responses, the better!
Thanks in advance for your help. I hope to share results by 15 February.
Image by Dennis S Hurd, Creative Commons License