I've been making an effort recently to enable two-factor authentication (2FA) to my passwords wherever possible. Today, I was thinking that it might be a good time to add it to my steemit account. I searched through the settings, and then went to Google only to find that 2FA isn't an option on steemit.
This was really surprising and just seems crazy to me, as 2FA is a pretty basic security feature these days and Google Authenticatior is widely used and available. So many people on steemit have huge balances in their accounts and it just seems wise to let people lock down their accounts.
If you're not familiar with 2FA or Google Authenticator, it's really pretty simple. When you login to a site for which you've enabled 2FA, just entering your password isn't enough. You open an app on your phone that gives you a random code to enter in addition to your password. The code changes frequently, maybe once every 30 seconds or a minute. The idea is that even if your password is compromised, your account will be safe unless both your phone AND password are stolen.
2FA has been in use forever for secure applications. You used to have to carry around an annoying keychain dongle with your 2FA code, but here in the age of smartphones, everyone can use 2FA. Steemit needs to get with the program! You can't be on the bleeding edge of technology and be slack about security, especially with this much money at stake.
images courtesy of zdnet.com and Cpt. J.L. Picard