Mail.ru and Yandex launched their own two-factor authentication services with a difference of several hours
Mail.ru and Yandex on the same day (with an interval of several hours) announced the launch of the possibility of two-factor authentication to access their Internet services, reports Roem. Mail.ru has been testing its system for a month now, Yandex managed to present a new functionality on its blog three hours earlier than its competitors, and then promptly published a separate post for the Habra audience. Information about the launch of the new functionality from Mail.ru is covered in the official press release on the company's page. At the same time, the principle of operation of the presented functionals is strikingly different.
With two-factor authentication in “Yandex”, you can not enter the username and password in the browser at all - therefore, it will be almost impossible to steal them from the user's computer, the developers say . To verify the identity, a smartphone and a special mobile application Yandex.Key for iOS and Android are used, which must be associated with your account.
The application, which can be accessed only after the introduction of a four-digit PIN code, allows you to read a QR code, which in turn is displayed on the screen when you try to log in to your account using two-factor authentication. In the QR code, the session number is sewn up, and when the application scans it, this number is transmitted to the server along with a one-time password and username. After the server receives the data, the page opened in the browser automatically logs into the account.
According to the information from Mail.ru, in their version of two-factor authentication, the first factor is the password, and the second is the code that the user receives via traditional SMS to the phone number associated with the account. According to the developers of the solution, this is the most affordable way, including including an audience that does not use smartphones on popular operating systems.
')
Anna Artamonova, Vice-President of Mail.ru Group, commented on Facebook on almost simultaneous presentation of similar account protection functionals:
After some time, the network began to talk about a "shootout" between companies using demotivators.
The head of Yandex’s personal services, Anton Zabannykh, at the suggestion of IT journalist Pavel Kushelev, posted on his Facebook page a demotivator comparing the functionality of both authentication systems:
But the same Kushelev himself published another demotivator, this time making a lunge in the direction of “Yandex”, the authorship of which some mistakenly attribute to Mail.ru:
Due to fundamental differences in the work of both services, it is not possible to say which of them will be more comfortable. This can only be understood after some time, since Yandex has taken the path of innovation, which imposes restrictions (only users with iOS and Android devices and constant access to the network), and Mail.ru used the classic approach to ensuring account protection using SMS. What will be more convenient - users decide.
With two-factor authentication in “Yandex”, you can not enter the username and password in the browser at all - therefore, it will be almost impossible to steal them from the user's computer, the developers say . To verify the identity, a smartphone and a special mobile application Yandex.Key for iOS and Android are used, which must be associated with your account.
The application, which can be accessed only after the introduction of a four-digit PIN code, allows you to read a QR code, which in turn is displayed on the screen when you try to log in to your account using two-factor authentication. In the QR code, the session number is sewn up, and when the application scans it, this number is transmitted to the server along with a one-time password and username. After the server receives the data, the page opened in the browser automatically logs into the account.
According to the information from Mail.ru, in their version of two-factor authentication, the first factor is the password, and the second is the code that the user receives via traditional SMS to the phone number associated with the account. According to the developers of the solution, this is the most affordable way, including including an audience that does not use smartphones on popular operating systems.
')
Anna Artamonova, Vice-President of Mail.ru Group, commented on Facebook on almost simultaneous presentation of similar account protection functionals:
Yes, it is good that we started testing a month earlier and it can hardly be said that we are - habrahabr.ru/company/mailru/blog/246607 . How did it happen that on the day when the release was appointed, some people managed to 3 hours earlier - a good question, but I do not want to suspect anyone.
After some time, the network began to talk about a "shootout" between companies using demotivators.
The head of Yandex’s personal services, Anton Zabannykh, at the suggestion of IT journalist Pavel Kushelev, posted on his Facebook page a demotivator comparing the functionality of both authentication systems:
But the same Kushelev himself published another demotivator, this time making a lunge in the direction of “Yandex”, the authorship of which some mistakenly attribute to Mail.ru:
Due to fundamental differences in the work of both services, it is not possible to say which of them will be more comfortable. This can only be understood after some time, since Yandex has taken the path of innovation, which imposes restrictions (only users with iOS and Android devices and constant access to the network), and Mail.ru used the classic approach to ensuring account protection using SMS. What will be more convenient - users decide.
Source: https://habr.com/ru/post/366107/
All Articles