Amazon Boosts Customer Security with Two-Factor Authentication

With the busy holiday shopping season fast approaching, Amazon has quietly added an option for customers to boost their security online with two-factor authentication. According to one report, Amazon introduced the feature in private beta a few weeks ago before rolling it out in a wider release this week.

Amazon did not respond to our request for more information about when and why it introduced two-factor authentication, but its customer support site now includes several Web pages with instructions for how users can turn on, disable or change settings for the feature.

Many other online sites -- including those for Google Gmail and Microsoft Outlook -- already use two-factor authentication to add an extra layer of security for users. The feature usually works by sending verification codes to second devices, typically smartphones, that users can then enter online to confirm their identities.

Strong Authentication Still Lags

Over the past couple years, customers on Amazon's discussion forums have occasionally asked whether the company eventually planned to offer two-factor authentication for added security.

At the beginning of 2014, for instance, one user on the Amazon help community forum wrote, "Amazon is currently the only one of my security-sensitive accounts for which I haven't found an obvious way to enable 2FA." After being told that two-factor authentication was not an option at that time, the user noted, "That's a little unsettling."

Unsettling or not, the practice of using only a password with no further verification to access a secure site remains quite common. A recent White House update on government compliance with the Federal Information Security Management Act, which was enacted in 2002, reported that only around half of key federal agencies used any form of strong authentication for most of their privileged users.

Little Confidence in Passwords Alone

The same holds true for many...

Comments are closed.