Sony (finally) adds two-factor authentication to the PlayStation Network

Five years after a major (and majorly mishandled) breach of player data across its network, Sony has gotten around to beefing up security.

It's convenient, storing your credit card and billing address in a place where you regularly make purchases. It's also a gamble, as more and more online services fall prey to exploiters and data thieves. A smart enough company of sufficient size should, these days, be able to respond and notify its users that something has happened in pretty short order -- but in 2011, Sony took several days to publically address a large-scale data breach which exposed 77 million accounts and caused a network shutdown which lasted more than three weeks. The entertainment giant has been roundly criticized ever since for the way it appeared to dragged its feet over this incident.

But well, better late than never, I suppose. Sony required all users to change their passwords when it brought the network back online, and has made some valuable tweaks to how it stores sensitive data since. Still, it's a bit staggering that a whole five years on, and two and a half years into the life cycle of its PlayStation 4 console, Sony has only just gotten around to adding two-factor authorization to its players' accounts.

If you don't know what two-factor authorization (2FA) is: it means that a user proves their identity through two methods, rather than just a password. For example, many online services will send you a text message with a randomly generated confirmation code, that you then have to enter before gaining entry to your account. The idea here is that this secondary confirmation is significantly harder for ne'er-do-wells to spoof -- it's much easier for someone to brute-force your password than to steal your phone, generally. Hopefully.

The new security feature is currently live as of the most recent PlayStation 3 firmware update, and it affects any device using a PlayStation Network account, including the PlayStation 4, PlayStation 3, PlayStation Vita, and PlayStation Portable. It's opt-in, so you don't have to use two-factor authorization if you'd really rather not -- but it's probably a pretty good idea, especially if you buy a lot of games there.

(h/t Polygon. Top image source: Tuomas Tonteri.)

Kris Ligman is the News Editor of ZAM. Sometimes, Kris feels like a rebel and contemplates not putting anything here at all. Twitter: @KrisLigman.