Tumblr Implements HTTPS for New Blogs

Due to the great work by @aloria at Tumblr, they have implemented free HTTPS (by default) for all new Tumblr blogs, that’s right, all of them! But if you already had a blog you might not know where to look to enable this setting for your blogs so I decided to write up a very quick walkthrough on how to enable it.

Continue reading “Tumblr Implements HTTPS for New Blogs”

Two-Factor Authentication

Two-factor Authentication (2FA) or Multi-Factor Authentication is the ability to use at least two forms of authentication for a login. This adds an extra layer of security to your accounts for very little effort applied. This post will cover some of the methods available for client-side 2FA, as well as the pros and cons of each method. Implementing server-side 2FA will come in a later post, and will provide a more in depth look at setting up things like TOTP, SMS, and Email on the server-side.

The most common method as a second form of authentication is SMS, where a code is sent to a phone number that was specified when setting up 2FA. The next most common methods would be a phone call or an email. But probably the best methods would be the use of a hardware token or a software token. Let’s take a look at the methods available and their advantages and disadvantages.

Continue reading “Two-Factor Authentication”