April 09, 2013

WordPress tightens security with two-factor authentication

WordPress.com will now offer two-factor authentication as an opt-in capability for its millions of users to defend against account compromises.

Gary Pendergast, a developer at Automattic, the parent company of the popular web publishing platform, announced in a blog post late last week that users can now be prompted to enter “secret” codes upon logging into their accounts. These codes can be accessed either through the Google Authenticator app, which generates one-time login codes, or via SMS messages delivered to mobile phones.

WordPress.com sites have faced security issues in the past and are known to be a target for cyber criminals who leverage vulnerabilities to spread malware, such as the Flashback trojan, which infected Mac OS X systems.

The new feature comes on the heels of Apple's recent addition of “two-step verification,” which further protects its online account users through a similar process.
Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.