Here at Dynamic Yield, we always strive to better our product – both feature-wise and behind the scenes – by improving our infrastructure. Right now we are working on adding additional security measures for our Admin application.
Dynamic Yield enables you to change your site content and/or layout with a few simple definitions within the Dynamic Yield Admin application. In order to protect your site, we have added some extra security measures, which are outlined below.
The most important thing is having all browser-to-server communication encrypted using SSL (HTTPS). You might say, “Well, that’s great, but look at the Heartbleed bug – this is a major vulnerability of HTTPS.” The answer: We went ahead and made sure our servers are using a version of OpenSSL that does not include this vulnerability.
We didn’t stop there! We also revised our login process to include a Two-factor Authentication mechanism. Passwords, unfortunately, aren’t as secure as they used to be, and if someone gets your password, they can access your account without any fuss. Even having a strong password doesn’t completely protect you. Two-factor authentication solves this problem. (Taken from LifeHacker.com)
Google’s head of webspam team, Matt Cutts, put it best:
“Two-factor authentication means “something you know” (like a password) and “something you have,” which can be an object like a phone. After you enter your password, you’ll get a second code sent to your phone and, only after you enter it, will you get into your account. Think of it as entering a PIN, then getting a retina scan, like you see in every spy movie ever made. It’s a lot more secure than a password, which is very hackable, and keeps unwanted snoopers out of your online accounts.”
So next time you log in to Dynamic Yield, rest assured that your website data is secure with us.