Modernizing Authentication — What It Takes to Transform Secure Access
InformationWeek's Mathew J. Schwartz reports that, in response to a recent data breach that led Evernote to reset all of its users' passwords, the company is planning to adopt two-factor authentication "as quickly as possible."
"We were already planning to roll out optional two-factor authentication to all of our users later this year," Evernote spokeswoman Ronda Scott told InformationWeek. "We are accelerating those plans now."
"By adopting two-factor authentication, Evernote would join a growing list of online service providers that have done the same thing, including Amazon Web Services, Dropbox, Facebook, Google and Gmail, LastPass, Microsoft SkyDrive and Xbox Live, PayPal, Yahoo Mail, and a number of financial services Web sites," Schwartz writes.
"Other security features are also in the works," writes Computerworld's Jeremy Kirk. "Evernote said it will offer 'significant upgrades to the optional client-side encryption features later this year, including updated algorithms to take advantage of the additional flexibility allowed under changes to the US export control laws, as well as other user-selectable features.'"