A month ago, Buffer‘s social media scheduling service was hacked, causing a tidal wave of spam to be posted from users’ accounts. As reassurance, the startup is introducing two-step login as a free, optional feature for its users.
To switch it on, log-in to Buffer on the web and select My Account, followed by Access & Password. Here, you can enable two-step login and select whether you would like the security code to be sent to your mobile phone via text message or Google Authenticator (iOS/Android).
If you’re still a little wary about how secure Buffer’s service is, the company expanded upon the measures its taken since the breach. All of the affected credentials have been reset, email addresses stored in its database and access tokens for users’ social media accounts are now encrypted, and all team members have now setup two-factor authentication for their Google, Github, Stripe, HipChat and Dropbox accounts.
“We were incredibly amazed by how supportive our customers (you!) were through the whole process of recovery,” Belle Beth Cooper, Content Crafter at Buffer said. “With all that trust given to us, despite the big mess, we wanted to really step up our game in terms of safety and security.”