Two-Factor Authorization

Because administrators have access to a lot of user data, administrator accounts are particularly valuable. Passwords are not exactly as secure as we’d like them to be or as effective in preventing breaches. Let’s take the next security step and add two-factor authentication to our administrative accounts. (There’s no real reason not to offer two-factor to everybody, but we’re talking about administrators here.)

The idea behind two-factor authentication is that we combine something users know—their passwords—with something users have—their phones. Implementations of two-factor authentication predate smartphones, but what used to require the distribution of a dedicated authentication fob can now be handled with SMS or ...

Get Take My Money now with the O’Reilly learning platform.
