Buffer addresses a recent security problem
If you were using Buffer, you undoubtedly heard of their recent security issues; if you missed it: they were hacked and status updates were being sent from users’ accounts without their permission. For the past few weeks Buffer has been working on a way to both resolve their security issues, and step up their security measures. The answer? A new two-step login process.
The new two-step login process is an optional feature that adds an extra layer of security to your account. When you log in, you will enter your username and password, as you always have, but then, your will also be asked for a second authentication code that will be sent to you via a text or through the mobile app.
Basically, when you log in, enter your credentials, or, if you sign in via Facebook or Twitter, your identity will be verified first. Once this is successful, a six-digit verification code will be sent to your mobile phone and you will be required to enter this code to complete your log in process.
You should go right now to set up your two-step login
To set up your two-step login, log in to your Buffer account as you normally would and then navigate to “my account.” You can then select, “access and password,” then select “enable 2-step login.” You will then see two different ways to generate a 2-step code on your phone: via text message or with Google Authenticator; choose an option. And once your receive your code, you will need to enter it. You will be asked to put in a new six-digit code every time you log in, so keep this is mind before you enable this setting.
Buffer has also reset all breached credentials affected by the hack. They have also begun encrypting email addresses stored in their database, as well as encrypting access tokens that let them post to your social media accounts. Additionally, all team members were required to change passwords and were given the option to use the new two-step login process.
This could be super helpful for businesses that have multiple team members attached to a Buffer account. It is another step to help ensure the safety of your information with minimal effort on your part, in my opinion.