This week Facebook announced that they have begun rolling out one-time passwords (OTP) to their users as an added layer of security. Facebook is providing OTPs to help protect its users while on public computers like those at coffee shops, libraries, hotels and airports. For Facebook users looking to take advantage of this, they'll need to have a mobile phone number in their Facebook account and by texting "otp" to 32665 they will receive a one-time use password that last for 20 minutes.
For quite some time VeriSign, now part of Symantec, has been educating consumers and enterprises on the need and value of OTP. Our cloud-based VIP Authentication Service allows enterprises to secure online access and transactions and reduce fraud risk. Let's face it, a username and password provides absolutely no security but that's exactly what most people are currently using and relying on to protect their data.
A recent survey points to some interesting and somewhat scary password related statistics including:
â€¢ 4 in 10 survey respondents stated that they shared passwords with at least one person in the past year.
â€¢ Nearly as many people use the same password to log into multiple Web sites, which could expose their information on each of the sites if one of them becomes compromised.
â€¢ 2 in 10 surveyed have used a significant date, such as a birth date, or a pet's name as a password - information that's often publicly visible on social networks.
â€¢ 14 percent never change their banking password.
â€¢ 30 percent remember their passwords by writing them down and hiding them.
One thing to consider is that the Facebook OTP offering only works with Facebook. What about the other websites you visit and login to everyday? One of our goals has been to eliminate the need for multiple OTP credentials by providing a unified strong authentication token that can be used across multiple services. Our VIP Network is a great example of how one OTP credential can be utilized across a number of websites. The VIP Network Members include eBay, PayPay and Geico just to name a few.
So what does it all mean? The Facebook OTP announcement is yet another proof point that strong or two-factor authentication is not only valuable but it has become a necessity to help protect anyone logging on to a website or network that contains personal or sensitive data. Cyber criminals are out there with the simple goal of stealing your personal and/or work related information and most people are currently making it a very easy and lucrative proposition for them. Thinking that the "username and password" system provides enough protection is like thinking that a screen door on a submarine will keep the water out. Neither of the two is very safe or secure.
To download a FREE VIP mobile OTP credential for your AndroidÂ®, iPhoneÂ®, Windows MobileÂ®, BlackBerryÂ® handsets or most of the devices using the Java 2 Micro Edition (J2ME) and BREW platforms, click here for more details.