Data leak has become a common incident when it comes to the digital world. But when it affected big companies like Samsung, something got to change.
The South Korean company admitted that it experienced a data leak, caused by a glitch that resulted in about 150 users' private data like names, addresses and phone numbers being exposed. Because of this, the company is not taking any chances.
Here, the company is making 2FA a "mandatory" for all Samsung Accounts holders.
First reported by SamMobile, Samsung is rolling out an update to its Samsung Account app through its Galaxy Store with the change.
In order not to annoy people, Samsung isn't forcing 2FA by logging people out of their accounts.
Instead, the change takes effect after users log out of their Samsung Account, with the app prompting them with the additional authentication system.
This is rather odd, given that users who are already logged into their accounts are the majority of Samsung users.
Their accounts will still be secured because in case someone else wants to log in using their credentials, they will face the mandatory 2FA prompt. But because Samsung isn't notifying users directly, most people are likely to remain unaware of the change until they log out and log back in to their dismay.
Previously, Samsung has had the option for users to use 2FA in the past, with SMS as the default.
But if users prefer not to use an SMS-based system for their second authentication, they have the option to set it up using an authenticator app (which is more secure and doesn't suffer from SIM-swap attacks).
The update is rolling out to all Samsung users gradually.
Unlike most Android apps that can be checked for updates manually, users cannot do that with the Samsung Account app. Users just have to wait before the update is pushed to their device in their region.
In recent years, the world has witnesses a massive increase in the number of platforms losing personal data of their users.
As cybercrime improves with hackers' hacking campaigns getting more sophisticated, companies need to improve their security systems to match the more modern threat and attacks. Data leaks for companies can translate to distrust, which would then result in financial loss, as well as reputational damage.
2FA is an extra layer of security used to make sure that people trying to gain access into an online account are who they say they are.
First, user are required to enter their username and password combination like they normally would. But instead of immediately gaining access, with 2FA, they are required to enter another piece of information.
Samsung is the giant in the smartphone market, and it won't tolerate future breach due to its mistakes.
With 2FA, Samsung is like sharing the responsibility of securing accounts, more to its users.
2FA can certainly improve security. Although it won't save users from every security threats out there, like critical Android rooting vulnerabilities, for example, But still, using 2FA is better than not using it at all.
This is why people should be using 2FA at every possible time. Since personal data has become a commodity, a simple extra step for logging in shouldn't hurt.