It’s getting increasingly risky to use online services. You store a lot of your personal data in the cloud, and your credit cards are linked to accounts on retail websites. Hackers would love to get at your data, to empty your bank account, or to access your email account, using it for spam and phishing. And if someone can pretend they are you — steal your identity — they can cause innumerable problems to you and your finances.
We also hear of an increasing number of data breaches, where major websites, stores, or services have entire databases of user names and passwords hacked. These databases are then traded on the hacker underground, allowing anyone willing to pay a few cents per name to access your accounts. And in some cases, they’re passed around for free.
More and more websites and services are using two-step or two-factor authentication to provide an additional layer of security. This security technique verifies your identity when you log into a website by requiring you to both know something and have something. The thing you need to know is a user name and a password or a PIN; the thing you need to have is, these days, a mobile phone, but it could also be a USB dongle or other device that can generate one-time codes.
Read the rest of the article on The Mac Security Blog.