Just last week we mentioned the addition of two-factor authentication at Evernote; then LinkedIn snuck a blog post on Friday, May 31st, telling the world about their new SMS authentication. We are glad to see these popular services upgrading their authentication from password-only to password and SMS. It’s not hacker-proof – there are ways to defeat two-factor – but this is much better than password-only.
Here’s the skinny on the setup: Log into the LinkedIn website and on the top right, under your name, you’ll see Settings. Click that, and on the bottom left you’ll see Account.
Click that to get a Privacy Controls column to the right of the Account button; at the bottom of that column is a Manage Security Settings link.
Click that to go to a new screen: Security Settings. While you’re there, make sure to check the box that says “A secure connection will be used when you are browsing LinkedIn.”
Below that you’ll see the new two-factor option. Turn it on, they will ask for a phone number where you can receive an SMS, and they will send an SMS. When you log in you will get a congratulatory email titled “You’ve turned on two-step verification”, which says something like this:
You’ve successfully turned on two-step verification for your LinkedIn account.
We’ll send a verification code to phone number ending in XXXX (United States) whenever you sign in from an unrecognized device.
Learn more about two-step verification.
The LinkedIn Team
The link in the email takes you to this website, which is their FAQ on two-factor authentication.
Note: The warning when you turn on the SMS piece is “Note: Some LinkedIn applications will not be available when you select this option.” If you’re using apps that link to LinkedIn there may be some breakage. I haven’t found any yet in the two apps I integrated.