Showing posts with label Authentication. Show all posts
Showing posts with label Authentication. Show all posts

Wednesday, November 16, 2016

Whatsapp introduces Video Calling, 2 Factor Authentication and other new features



WhatsApp has finaly introduced the most awaited features Video Calling & 2 Factor Authentication (2FA) out of Beta version, we have reported earlier. The world’s most used instant messaging service has been getting new features recently. The updated GIF support, document sharing and different emoji for example. These quality of life changes were not in a particularly high demand, unlike video calling. 

The Most Demanded Feature:  

WhatsApp users have demanded video calling ever since the option to call other WhatsApp users has become available. It had some issues at the beginning but they were eventually resolved or diminished to some extent. The small changes mentioned earlier have been coming to the instant messaging app over the past few weeks. However these changes didn’t warrant as much attention as video calling is getting now.

WhatsApp has introduced a new security feature which is most popular with the security named "2 Factor Authentication" that fixes a loophole in the popular messaging platform.

WhatsApp allows users to sign up to the app using their phone number, so if an attacker wants to hijack your WhatsApp account, they would require an OTP (One time password) send to your phone number.

The attacker can grab this OTP by diverting the SMS containing the passcode to their own computer or phone, using either a malicious app or SS7 vulnerability, and then log into the victim's WhatsApp account. The attack even works in case the phone is locked.

So in order to fix this issue, WhatsApp has now introduced Two-Step Verification (2SV) password feature for its Beta version for Android, which will help you lock down the WhatsApp set-up mechanism.


In other words, to reconfigure the WhatsApp account with two-step verification enabled, one must require not just OTP but also a 6-digit 2SV passcode set by the user.


How to Enable Two-Step Verification:



To enable two-step verification (2SV), you need to sign for the WhatsApp's Beta version, and follow these simple steps:

  1. Go to WhatsApp Settings → Account → Two-step verification.
  2. Click enable, set a 6-digit passcode and re-confirm it.
  3. On next screen, enter your email ID (optional) to enable passcode recovery via email. (It's recommended to use email as backup so that you're not locked out of your account if you forget your passcode.)
  4. Hit "Done, " and you are all set to go.
So, next time when you reconfigure your WhatsApp account on your new phone or want to add a new phone number to your account, the messaging app will require you to enter and confirm this six-digit secret code.

Providing your email address is optional, which if enabled, will help you reset your passcode when you forget it. Here's what WhatsApp explained about email option:

"We do not verify this email address to confirm its accuracy. We highly recommend you provide an accurate email address so that you are not locked out of your account if you forget your passcode. If you receive an email to disable two-step verification but did not request this, do not click on the link. Someone could be attempting to verify your phone number on WhatsApp."


Forget your passcode after setting it months ago?

For helping you remember your 2SV passcode, WhatsApp will periodically ask you to enter your passcode, and there is no option to opt out of this without disabling the 2SV feature.


For now, the feature is available only on WhatsApp beta version, and the company will start rolling out two-step verification with the release of a stable version for both the iOS and Android for over 1 Billion users in the coming weeks.


To enjoy two-step verification, you can sign up to become a beta tester and update to WhatsApp (Beta) version 2.16.346 straight from the Google Play Store.


Once signed up, your smartphone will be automatically updated to the WhatsApp Beta version in the next app update cycle.

Thursday, June 23, 2016

Google's 2-Factor Authentication, more simple and faster


When it comes to data breaches of major online services like LinkedInMySpaceTwitter and VK.com, it's two-factor authentication that could save you from being hacked.

Two-factor authentication or 2-step verification is an effective way to secure online accounts, but many users avoid enabling the feature just to save themselves from irritation of receiving and typing a six-digit code that takes their 10 to 15 extra seconds.

Now, Google has made the 2-Step Verification (2FV) process much easier for its users, allowing you to login with just a single tap instead of typing codes.

Previously, you have had to manually enter a six-digit code received via an SMS or from an authenticator app, but now…

Google has introduced a new method called "Google Prompt" that uses a simple push notification where you just have to tap on your mobile phone to approve login requests.

In other words, while signing in to your account, just enter your password, and you will get a pop-up message on your mobile phone asking you if you want to sign in. If you want, then press "Yes" and you're in.

How to Set Up Google Prompt


Here's how you can enable Google Prompt for your Google accounts:

Before enabling Google Prompt, first enable two-step verification for your Google account and you have already enabled two-step verification, you can skip this part.


  • Go to myaccount.google.com and sign in to your Google account.
  • Select 'Signing in to Google,' using 2-Step Verification.
  • Click on 'Get started' and enter your password once again.
  • Now provide your phone number you want to use for authenticating, and choose either an SMS or phone call for verification, and click on 'Try it.'
  • Enter the 6-digit code from the SMS or phone call and select 'Next.'
  • For setting up two-step verification, click 'Turn ON.
Now, once you have enabled two-step verification, follow these simple steps that will just take a few second. All you need is an Android or iOS device nearby.


  • Under 'Set up alternative second step,' click on the Google prompt option
  • Add phone and click Get started.


Then just follow the on-screen instructions and you're all set to go.

If you have an iPhone, you are required to download the Google Search app first and sign in before using Google Prompt. But, if you are an Android user, just update your Google Play Service.

Two-step verification has become so easier to use, so what are you now waiting for?