Password security is still a hotly debated topic with the that let users remember simpler passwords and being described as only "". Passwords are generally one of the weakest links in the security chain, so we recommend employing two-factor authentication , which can significantly improve security. ( TOTP ) is the standard algorithm in this space, with straightforward server-side implementations and free smartphone authenticator apps from and .
Passwords continue to be a poor mechanism for authenticating users and we’ve recently seen companies such as Yahoo! move to a “no passwords” solution—a one-time code is texted to your phone whenever you need to log in from a new browser. If you are still using passwords we recommend employing two-factor authentication which can significantly improve security. ( TOTP ) is the standard algorithm in this space, with free smartphone authenticator apps from and .
Two-factor authentication significantly improves security over simple password-based systems. -- Algorithm -- is a standard for two-factor authentication. 'Standard' authenticator apps from and provide tokens to smartphone users, and there are a number of other client and server implementations readily available. With providers such as Google, Facebook, Dropbox and Evernote using TOTP, there really is no excuse to continue using simple password-based authentication where stronger security would be appropriate.
