XXL Cloud and 2nd Factor Authentication
XXL Box and XXL Cloud in an effort to tighten cloud safety and privacy, is working on the next level of security. We are about to implement the so called 2 Factor Authentication.
What will this mean to our users?
At the beginning and for the transition process 2FA (2 Factor Authentication) will be enabled on your request.
The login process will then require the following:
- You initiate the login process by providing your username and password.
- XXL Cloud sends you an SMS with a 4 to 6 digit code. You enter the code in the on-screen provided field.
- If the code is correct you will be logged in as usual.
- If not, all warning bells will ring and we’ll send you an email with the data of the failed attempt, and your account will be locked for 10 minutes.
This process ensures that hackers can’t retry their attempt, which makes the process to compromise a users' account extremely unlikely.
Beside this, we are examining the possibility of further authentication methods, such as sending an email with the code to your email account used for registration. We tend to vote against this approach, simple because your email account is more likely to be compromised than your mobile phone.
Please tell us your opinion in the comments below.