

Two-factor Authentication for App.net - garrettdimon
http://blog.app.net/?p=4811

======
Goopplesoft
Thanks for going 2factor and even better: using google authenticator. Two
factor is too easy and adds too much to user security to be avoided.
Furthermore, I think google authenticator should become the standard to
increase usage longterm, so much so I made a service to make implementing it
even easier: <https://www.gauthify.com>

~~~
beryllium
Checking it out - looks like your PHP lib doesn't explicitly declare
CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, so that could be vulnerable
to peerjacking. If I have some free time tonight I might be able to submit a
PR for it.

~~~
Goopplesoft
Hey, sorry didnt check HN comments till now. I will push a fix up for this
today.

------
pbreit
I wonder if app.net has a better shot at becoming a single-signon service than
whatever its primary aspiration is?

~~~
brianwillis
How would it be better suited than any of the other companies competing in
that space?

~~~
pbreit
Never said it would.

