Two-Factor Authentication Now Required For Logins

At RTWire we continually strive to find the optimum balance of security and utility for users of our service. This is one of the reasons why our API uses the simple and secure Basic Auth protocol (over HTTPS). We also give the option of enabling two factor authentication on our admin console.

However, as our service becomes more popular, we are aware that we become a bigger target for people of malicious intent. Therefore, even though user utility will be slightly decreased, we will make two factor authentication compulsory for all logins of our admin console on July 1st 2015. This will limit the harm that can be done when passwords are stolen for example by keyloggers.

Compulsory two factor authentication will be phased in over the next month. Accounts that don't already have it enabled will be directed to set it up on login.

As a consolation, our two factor authentication system uses TOTP that is compatible with many secure password services including Google Authenticator and Authy.

Images:
Padlock – Isaac Wedin