Adding two-factor authentication for all users. It’s been possible for mods and some testers for a while, but this is the first time the vast numbers of redditors will have access to it.
Turn it on and you’ll hold to enter a six-digit code sent to your phone whenever you have a new login trial. You’ll need Google Authenticator, Authy, or any TOTP helping auth app texting codes is no longer supported and really, it was perpetually a bad idea.
There’s not much to set it up: go into the password/email area of the site’s inclinations once you’ve logged in on a desktop browser. Enable two-factor authentication and follow the directions.
Now, this may be a difficulty for power users, who might have trouble switching between the one they use for ordinary browsing and the one they use to post racist remarks on every post they can or the one they use to vehemently object with a headline without viewing the article. But that’s the price of the security.
The extra security means that if someone else has your password, they still wouldn’t be able to log into your story. Reddit’s 2FA security can also create ten backup codes, so if you lose your phone or have trouble with the authenticator app, you can still access your online account with one those single-use codes. Clearly, these should be stored someplace safe. Reddit doesn’t offer support for hardware tokens or keys sent over SMS.
Most websites offer 2FA, and though it can provide significant protection, it does have limitations. Earlier this week, a Google engineer explained that more than 90 percent of active Gmail accounts don’t use 2FA. And learn, never ever reuse passwords that will assuredly end up in any deep web repository. Use a password manager to enable unique phrases instead.
Take your time to comment on this article.