Sony finally enables two factor authentication for PlayStation Network users

screen-shot-2016-08-25-at-09-22-52.jpgSony

Years after a catastrophic data breach brought Sony’s PlayStation Network to its knees, the company has finally implemented two-factor authentication to limit the risk of such a disaster happening again.

PlayStation and PSP owners who have signed up to the network can now enable two-factor authentication on their accounts. Two-factor authentication (2FA) goes beyond the traditional password and permits users to connect their accounts to mobile devices — and when they wish to access their account, a code is sent to their smartphone or tablet which must also be submitted.

While this extra step is voluntary, 2FA does make compromising accounts more difficult as cyberattackers would also need to compromise your mobile device or be able to capture these codes, which means brute-force attacking user and password credentials would not be enough on its own.

PlayStation Network users who choose to use 2FA will need to input their passwords and will then be sent a verification code to their mobile device through a text message.

screen-shot-2016-08-25-at-09-23-58.jpg

screen-shot-2016-08-25-at-09-23-58.jpg

The move is welcome, despite Sony taking years to implement the additional security measure. In 2011, Sony’s PlayStation network was the target of a cyberattack which debilitated the network for weeks and exposed the account details — including names, dates of birth, email addresses, and some credit card numbers — of 77 million users.

Hacktivist collective Anonymous claimed responsibility for the data breach, and Sony was fined by the UK government over the disaster. The Tokyo, Japan-based firm later agreed to a settlement worth millions in a class-action lawsuit, which gave users in the United States a chance to claim damages if identity theft occurred due to the data leak.

Several years ago, rival Microsoft began offering 2FA on the Xbox Live network, alongside other companies including Google, Amazon and Facebook.

The new layer of security will not completely prevent account hijacking, but now cyberattacks are commonplace, any additional protection that vendors offer to protect your accounts is worth investigating.

More security news