Last Easter, OoTheNigerian described how his mom’s email had been hacked, her social networks compromised, and how he subsequently decided to hook his whole family up with two factor authentication for their email and SNS accounts.
After reading that post, I thought okay, I’ll turn on two factor auth. Then I promptly forgot.
A few days ago, the NET’s domain was hijacked and moved to another nameserver. The perp got into their Gmail, accessed their domain registrar account and transferred the domain out. This sort of exploit could have been prevented with the same two factor authentication that Oo was talking about.
Freshly instilled with the fear of god from NET’s domain troubles, I hightailed it to my Gmail, to turn on two factor auth, also known as two step verification.
Two step verification adds another layer of security to your email account by requiring you to use both your password and your phone to login. That means that even if a hacker managed to figure out your password, they’d still be unable to get in, because they’d need to have your phone to complete the authentication process.
When I got to the Google page though, I hit a dead end. I couldn’t find Nigeria in the list of countries whose phone numbers are supported for two step verification.
Nuts.
The funny thing is that it used to work, until sometime ago. Why it stopped working? I’m hoping someone here might know someone at Google who can tell us.
So as it stands, if you use Gmail or Yahoo!, and have a Nigerian phone, the stuff in your email — which is not limited to its contents, but all the other apps and services it is connected to — isn’t as secure as it could be. All you can do is have a really, freakin’ solid password, and hope to god that some crazy hacker doesn’t crack it. Or you could just use Outlook — their two factor authentication worked flawlessly for me.