2FA for login community & Roonlabs account

No, is not. It’s just a good step in the right direction. Hint: you may have the best password in the world, if the site/company where you use it is keeping that password in the clear in the data base your best password ever it’s worth nothing security wise (and believe me it happened to some very big software names, Sony PS whatever for example, to name just one, and it’s still happening).

For those not aware, this site will check your email address against a database of big name company data breaches. One of my old Linkedin accounts had been breached, so it is a perfect lesson on why reusing passwords is a bad idea!

https://haveibeenpwned.com/

1 Like

It’s common for many people to find their LinkedIn, Dropbox and Adobe accounts on there along with a load of accounts that have never existed (some kind of account stuffing). As the domain owner you can get the full list for each of your domains which is very useful.

Two of those 3 large companies who lost all their user accounts did so because admins in their companions re-used passwords from the Dropbox breach and that got hacker’s into LinkedIn and Adobe neither of who used 2FA.

I strongly recommend using 2FA when available, it’s a minor inconvenience compared to the improvement in security.

+1 for 2FA, I enable it on every account that has it. Extra security is never a bad thing nowadays!

2 Likes