AOL Increases Security… But It Will Cost You

from the are-you-paranoid-and-have-a-lot-of-cash? dept

While it’s good to see a company like AOL offering a two-factor authentication option for logging in, it might not set the greatest precedent that they’re charging an extra $2/month for the service. There’s also a $10 upfront fee, which could pay for the device from RSA that gives the user the random set of digits they need to log in (plenty of companies use these gadgets already). This raises the question: should better security be a premium option? Obviously, setting up such a system and maintaining it is a bit more costly, but what kind of message is being sent, when to be really secure in using a service you have to pay extra? Doesn’t it just give the company more incentive to be weak on security for regular users to help upsell them to the premium option?

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “AOL Increases Security… But It Will Cost You”

Subscribe: RSS Leave a comment
RJD says:

No Subject Given

Price is probably cheap for a little piece of mind it may give folks. The cost of the hardware is probably negligible but the cost to set up the infrastructure and I have to assume the number of support calls is going to go up as well. So like the cable company, why not offer a menu of options for those folks who want it. There are a number of people who still opt not to do anything financial or personally sensitive on line so they would not need this. The person who’s worried about compromise may want to add the two dollar trinket to feel a little better.

Course you realize that if a person buys into this and somehow has their information compromised, they are going to sue the hell out of the ISP … and probably win.

deep sigh.

Nonesuch (user link) says:

One question not answered; WHY?

I’ve been doing a lot of work with strong authentication in a company with tens of thousands of employees; after several failed pilot projects, the
RSA SecurID tokens was the only solution that “stuck”, that the users were willing to put up with.

But we use two-factor authentication to protect the “crown jewels”, financial data and production-critical systems, stuff that would lead to multi-million dollar writeoffs if compromised.

I’m not entirely clear on what AOL is protecting here?

This seems like a heck of a lot of time and effort just to cut back on their “phishing” problems.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...