LinkedIn Offers 2-Factor Authentication
Move Comes One Year After Massive BreachLinkedIn is offering users the option to adopt two-factor authentication to log into their accounts a year after the social media company experienced a massive breach.
See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation
LinkedIn Director Vincente Silveira, writing in a company blog on May 31, unveiled the new feature in which a one-time code would be sent to a user's mobile devices through a text message.
"Most Internet accounts that become compromised are illegitimately accessed from a new or unknown computer or device," he said. "Two-step verification helps address this problem. ... When enabled, two-step verification makes it more difficult for unauthorized users to access your account, requiring them to have both your password and access to your mobile phone."
Silveira said LinkedIn protects all accounts by a series of automatic checks designed to thwart unauthorized sign-in attempts. The option for users to adopt two-step verification is an extra layer of security, he said.
LinkedIn provides a video that explains how to implement two-step verification.
An estimated 6.5 million hashed passwords were compromised in last year's breach, according to news reports.