Tumblr has today announced a new feature, which I would urge all users to consider enabling.
You know how you need two keys to launch a nuclear missile? Two-factor authentication works like that. One key is your password, the other key is your cellular phone, and you need both to access your Tumblr Dashboard.
If you enable the feature, then you’ll not only need your username and password to log into Tumblr. You’ll also need a one-time authentication code that will be accessible via your mobile phone. In short, the bad guys won’t just need your username and password, they’ll also need that code (or physical access to your phone).
In a world where it’s not at all unusual for users to be careless with their password security, two-factor authentication (often shortened to “2FA”) makes a lot of sense.
Of course, 2FA doesn’t mean you should be any more diligent about checking you’re not entering your password on a phishing site, or ensuring that you are using different passwords for different accounts, but it is an additional level of protection which makes life much harder for criminals trying to gain access to your account.
It’s good to see Tumblr introducing this feature. Let’s hope that more and more sites adopt similar security in future.