Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Are you using 2-step verification? (Survey)

Greg Norcie gnorcie at
Thu Jan 29 06:52:51 PST 2015

You migth want to take a look at a study I worked on while interning at
PARC that looked at this issue in detail:

(PDF warning)

"A Comparative Usability Study of Two-Factor Authentication"
Greg Norcie (gnorcie at
PhD Student, Security Informatics
Indiana University

On 1/27/15 9:33 PM, Robert Guerra wrote:
> Are you using 2-step verification? If so, a colleague is conducting a survey for you to complete :-) Details are below...
> Thanks in advance!
> regards
> Robert
> --
> Robert Guerra
> Phone: +1 416-893-0377 
> Twitter: 
> Email: rguerra at
> PGP Keys :
> Are you using 2-step verification? (Survey)
> Passwords play roles in many security incidents. Phishing attacks often seek to collect a target's login information for online banking, corporate or private email, network login, auction or social media sites. In these and other attacks, attackers benefit from how we rely only on a password to access an account or prove our identity.
> 2-step verification is a more secure form of proving your identity (who you are) than just passwords. In most 2-step verification systems, you register a "trusted device" with an online banking service, blog, or social media provider: this device is typically your mobile phone. When you log in to that service or social media, you verify your identity by entering both your password and a "verification code" that's sent to your trusted device (again, most often your mobile phone). By adding this second step, someone who learns your password for your online banking service, etc., can't impersonate your or access your accounts unless he also has your trusted device. 2-step verification is a good defense against stolen passwords. 
> The purpose of this post - and the embedded survey - is to learn whether 2-step verification is popular, and where people are using it. A secondary purpose is to raise awareness of 2-step-verification so that more people will be encouraged to use it.
> Please take a few minutes to answer the six (6) questions. Share the survey with your colleagues, friends and family members, especially those who are not overly technical. The more responses, the better!
>  Thanks in advance for your help. I hope to share results by 15 February.

More information about the liberationtech mailing list