With news of recent vulnerability disclosures, account compromises, and various data breaches, security is a very hot topic in the IT world. Here at SocketLabs we are fully committed to the security and protection of our hosted email solutions, customers, and their data. As you may know, we’ve touched on some of these points and the importance of password security in a previous blog post (http://www.socketlabs.com/blog/taking-password-security-seriously/). While password complexity, transmission, and the implementation of correct hashing algorithms are indeed important, we wanted to take things a step further and provide an additional layer of security for our customers.
One of the many security features we have recently implemented at SocketLabs is Two-Step Verification for our Control Panel. Two-Step Verification is a two step login process that can help to prevent unauthorized access by ensuring that only an authorized user, who has been validated by a second authentication token, can login. By using Two-Step Verification, your user is taking advantage of the multi-factor authentication methodology of Something You Know (password credentials) and Something You Have (mobile device). This additional layer of protection ensures that even in the case of a customer credential compromise, only valid users can authenticate to our Control Panel.
If you’d like to setup Two-Step Verification email you can follow the steps below to ensure your account is protected:
- Log into the SocketLabs Control Panel
- In the upper right corner of the screen, click on your username, and then select “Security”
- Under “Advanced Security Settings” click the “Enable Two-Step Verification” button and complete the setup process
For more detailed setup instructions, you can refer to our knowledge-base article located at https://support.socketlabs.com/kb/145/.
Once you have successfully setup Two-Step Verification Email, you will be prompted for a verification code when you attempt to log into the Control Panel. Your verification code will be sent to you via SMS or can be retrieved from the Google Authenticator app depending on which verification method you selected during setup.
While Two-Step Verification Email does add another step into the login process, the security benefits greatly outweigh the time it takes for additional authentication. You can review this new optional feature in our Control Panel and determine if it meets your personal security needs. It only takes a few minutes to setup, and you can disable it at any time.