Why don’t you give 2Fs about 2FA?

At this week’s Usenix Enigma conference in San Francisco, not only were all of the lavatories Unisex in line with the liberal leanings of the fantastic city (actually we don’t know if they were, that is just a cheap gag), but a Google software engineer going by the name of Grzegorz Milka, let the terrible cat-from-hell out of the bag that fewer than 10 percent of active Google devices use two-factor authentication.

Can this actually be true, we ask ourselves? Well if you click through on the link above, Mr Milka, presumably the heir to a chocolate empire of which even Willy Wonka would be envious has diagrams and everything. Astonishing.

In the same week that the Royal Canadian Mounted Police charged one Jordan Evan Bloom for reselling stolen usernames and passwords on the site LeakedSource.com, which included numerous Gmail passwords, as all of these mass breaches do, this has flabbered our gast.

If you know anybody who uses the services of The Chocolate Factory (and we do hope you see what we did there), friends, family, aliases of yourself, you etc., please have them turn on 2FA and implement a password manager before it is too late. Please.

In other password news this week, and this is not even slightly amusing, the hard working boys and (hopefully) girls at digital interruption announced that SinVR – a Virtual Reality porn outfit were shedding the names and email addresses of Virtual Porn enthusiasts, which could obviously be slightly awkward. Take off the headsets people and face the music.

Since the news on Marcus Hutchins has gone a bit cold, we are replacing Marcuswatch with Spectrewatch until the time comes.  There have been some interesting developments in vendor announcements of vulnerability to Meltdown and Spectre in the last week.

Pretty much all infrastructure vendors are releasing patches, so presumably they are concerned. Here is Cisco’s latest announcement. You can be fairly sure that all vendors are on the same trajectory.

It is now under two weeks until our annual security conference ‘Safe & Secure’, which will be held at the Banking Hall in The City of London on 31 January, all day. With some great speakers and hacking demonstrations, not to mention masses of charm and all round entertainment, you would be silly to miss it. REGISTER HERE or contact us at: [email protected] or call 0207 517 3900. Come along and discuss your issues, criticise our perspective, learn a few things, share a few things. It will be great to see you.