[Eril-l] 2-step verification from Atypon

[Tom Pollard]

Hi

As a publisher on the Atypon platform, we really appreciate the additional security measures they have put in place to maintain the integrity of our customer accounts. Having said that, SMS-based 2-factor authentication (2FA) has not been without its difficulties.

The next major update to the platform is bringing in two alternative methods of 2FA (i.e. email, app-based) which should enable every institutional administrator to find a method that works for them. It is of course up to individual publishers to evaluate and implement each method, but we’re certainly looking forward to smoothing out some of the wrinkles caused by the current method.

Regards

Tom

Tom Pollard
Content Development Director

Mark Allen Group, St. Jude's Church, Dulwich Road, London, SE24 0PB, United Kingdom
Tel: + 44 (0)20 7501 6707  |  Mob: +44 (0)7980 609824  |  Web: www.markallengroup.com<http://www.markallengroup.com/>



From: Eril-l <eril-l-bounces at lists.eril-l.org> on behalf of Mark Winek <mdw65 at georgetown.edu>
Date: Wednesday, 6 September 2017 at 00:28
To: "eril-l at lists.eril-l.org" <eril-l at lists.eril-l.org>
Subject: [Eril-l] 2-step verification from Atypon

Dear Collective Wisdom,

After logging into a few publisher sites hosted by Atypon, I noticed that I'm being prompted to set up 2-step verification at every turn. I can log in to my administrative account, but if I attempt to go to any other pages (such as to update IP addresses), I have to input my mobile phone number to receive a one-time code via SMS. It gives me the opportunity to remember my computer for 30 days (no doubt by cookie).

While I usually applaud these types of efforts, I'm wondering how you have dealt with this from an institutional point of view. Since I'm not the only one at my institution accessing the administrative accounts, I would have to ask my staff to use their personal mobile phones to run 2-step verification when the log on (since our desk phones don't take SMS). And if any one of them can verify by SMS, what's the added security of 2-step verification offering?

Thanks,
Mark

Mark D. Winek
Unit Head, Electronic Resources & Serials
Georgetown University
Joseph Mark Lauinger Memorial Library\
________________________________
The information contained in this e-mail is confidential and may be subject to privilege. If you are not the intended recipient, you must not use, copy, distribute or disclose the e-mail or any part of its contents or take any action in reliance on it. If you have received this e-mail in error, please e-mail the sender by replying to this message. All reasonable precautions have been taken to ensure no viruses are present in this e-mail. The Mark Allen Group accepts no responsibility for loss or damage arising from the use of this e-mail or attachments and recommends that you subject these to your virus checking procedures prior to use. The views expressed in the above e-mail are those of the sender and not necessarily those of the Mark Allen Group and all attributed companies.
MA Healthcare Limited (company number 01878373), MA Education Limited (company number 04002826), MA Music, Leisure & Travel Limited (company number 02923699), MA Business Limited (company number 06779864), Airport Publishing Network (company number 01960598), George Warman Publishing (company number 02591009) and Master Travel Limited (company number 02631065) are all part of the Mark Allen Group of companies. All registered in England and Wales with a registered office at St Jude's Church, Dulwich Road, London SE24 0PB.
________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eril-l.org/pipermail/eril-l-eril-l.org/attachments/20170906/7a8e6cd8/attachment.html>