We have recently introduced a new security feature for all AppNomu accounts. Now, when logging in, users who haven’t yet enabled app- or SMS-based two-step verification (2FA) will be prompted to enter a code sent to their registered email address.
While this email-based two-step verification isn’t as secure as app- or SMS-based methods, it is a significant improvement over just using a username and password.
You might have encountered similar processes with other online services, such as banks, airlines, streaming platforms, and other providers that use email-based 2FA.
Why we’ve enabled 2FA for all accounts
In essence, domain names and email are crucial, and we aim to keep your account secure. Implementing 2FA is the most effective way to achieve this.
We’ve been planning to make 2FA mandatory for some time. Back in mid-2021, we introduced email address verification as a step towards implementing email-based 2FA. Since then, most of our users have verified their account email addresses, giving us confidence that nearly all active users have access to their associated email addresses.
While enabling 2FA for everyone might risk locking out legitimate users who can’t access their account or backup email addresses, we believe this is a reasonable trade-off for the enhanced security it provides. Additionally, we have a recovery process in place for the rare instances when this occurs.
To Wrap Up
There’s more security going on behind the scenes, but those are the customer-facing features we strongly suggest you take advantage of. It also never hurts to mention the importance of password length (the longer it is, the harder to hack) and not re-using credentials for your various online accounts.
If you have any questions or need help setting up any of these features, get in touch with our support team.
