web analytics

Some additional "Social Security"

Online Identity and Trust: Some additional “Social Security” Online Identity and Trust « Qualys provides VIP Protection to its customers | Main | VIP Mobile Software Developer Kit (SDK) Available for Windows Phone 7 » Some additional “Social Security”

facebook logo.jpg

This week Facebook announced that they have begun rolling out one-time passwords (OTP) to their users as an added layer of security. Facebook is providing OTPs to help protect its users while on public computers like those at coffee shops, libraries, hotels and airports. For Facebook users looking to take advantage of this, they’ll need to have a mobile phone number in their Facebook account and by texting “otp” to 32665 they will receive a one-time use password that last for 20 minutes.

For quite some time VeriSign, now part of Symantec, has been educating consumers and enterprises on the need and value of OTP. Our cloud-based VIP Authentication Service allows enterprises to secure online access and transactions and reduce fraud risk. Let’s face it, a username and password provides absolutely no security but that’s exactly what most people are currently using and relying on to protect their data.

A recent survey points to some interesting and somewhat scary password related statistics including:
•4 in 10 survey respondents stated that they shared passwords with at least one person in the past year.
•Nearly as many people use the same password to log into multiple Web sites, which could expose their information on each of the sites if one of them becomes compromised.
•2 in 10 surveyed have used a significant date, such as a birth date, or a pet’s name as a password – information that’s often publicly visible on social networks.
•14 percent never change their banking password.
•30 percent remember their passwords by writing them down and hiding them.

One thing to consider is that the Facebook OTP offering only works with Facebook. What about the other websites you visit and login to everyday? One of our goals has been to eliminate the need for multiple OTP credentials by providing a unified strong authentication token that can be used across multiple services. Our VIP Network is a great example of how one OTP credential can be utilized across a number of websites. The VIP Network Members include eBay, PayPay and Geico just to name a few.

So what does it all mean? The Facebook OTP announcement is yet another proof point that strong or two-factor authentication is not only valuable but it has become a necessity to help protect anyone logging on to a website or network that contains personal or sensitive data. Cyber criminals are out there with the simple goal of stealing your personal and/or work related information and most people are currently making it a very easy and lucrative proposition for them. Thinking that the “username and password” system provides enough protection is like thinking that a screen door on a submarine will keep the water out. Neither of the two is very safe or secure.

To download a FREE VIP mobile OTP credential for your Android®, iPhone®, Windows Mobile®, BlackBerry® handsets or most of the devices using the Java 2 Micro Edition (J2ME) and BREW platforms, click here for more details.

Posted by VIP Team on October 15, 2010 1:16 PM | Permalink Comments

Thanks for this article, I wasn’t aware Facebook had released OTP, but it seems to back a lot of sense for them.

I wanted to quickly comment on something else you write though:

[…] VeriSign, now part of Symantec […]

I was under the impression that Symantec bought the security operations and products of Verisign, but the registry operations remain running under the name of Verisign itself.

Your statement seems to imply everything became a part of Symantec, could you please clarify?

Thanks,
/Frank

Posted by: Frank Michlick | October 15, 2010 6:23 PM

yeah! it should be implemented. There’s a lot of scam cases in facebook!

Posted by: Elissa | October 16, 2010 7:37 AM

Good day!This was a really superb subject!
I come from milan, I was luck to seek your topic in google
Also I get much in your topic really thanks very much i will come again

Posted by: bet365 italia | October 17, 2010 4:22 PM

Frank,

Thanks for reading and for your comments. For clarity that should have read the “VeriSign Authentication Services, now part of Symantec” as that is the group that was acquired by Symantec. The Naming Services business was not acquired and is not a part of Symantec.

Thanks,
VIP Team

Posted by: VIP Team Author Profile Page | October 18, 2010 8:54 AM Post a comment (If you haven’t left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won’t appear on the entry. Thanks for waiting.)

Name:

Email Address:

URL:

Remember personal info?

Comments: (you may use HTML tags for style) VeriSign Identity Protection

Search Categories Authentication | Cloud-based Security | Device Security | Fraud Detection | Fraud Detection Service | Identity | Mobile devices and credentials | OpenID | VIP Blog | WiMAX | fraud protection | iPhone | layered security | two-factor authentication | second-factor authentication | verisign | Archives November 2010 October 2010 July 2010 May 2010 April 2010 March 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 Recent Posts And the SC Magazine Award finalists are… VIP Mobile Software Developer Kit (SDK) Available for Windows Phone 7 Some additional “Social Security” Qualys provides VIP Protection to its customers VeriSign Customers Honored by Computerworld Cloud-based Authentication Matters Here ‘Smart’ meters will require ‘Smart’ security A Year of Progress for VIP Access for Mobile VeriSign has “got your back” on fraudulent ATM activity Cloud computing security standards – Vinton Cerf, father of the internet, has got your back Subscribe to RSS FeedSubscribe Comments We encourage comments and look forward to hearing from you. Please note that VeriSign may, in our sole discretion, remove comments if they are off topic or inappropriate. Powered by
Movable Type 4.21-en Disclaimer: Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of VeriSign.

VeriSign Legal Notices

Read our Privacy Policy

View the original article here