Sony is making a long-awaited effort to shore up security on the PlayStation Network — the company is planning to add two-factor authentication to the service, Sony confirmed to Polygon today.
"In order to further safeguard our users and their accounts, we are preparing to offer a 2-step verification feature," a Sony representative said.
The spokesperson did not offer a time frame at this point, saying only that "more details will be shared at a later date." Sony updated the PS3's firmware to version 4.80 yesterday, and users noticed that if they entered incorrect login information, the system mentioned two-step verification — which isn't currently available on PlayStation Network accounts. Those accounts are used on PlayStation 4, PlayStation 3, PlayStation Vita, the web, the PlayStation mobile app and the PlayStation Portable.
Two-step verification, also known as two-factor authentication, is a process that requires users to enter two different "factors" when logging into a service. Generally, this means "something you know" (your existing login details) as well as a second piece of information from your phone, typically a six-digit code generated by a mobile app or received in a text message ("something you have").
Once you sign in with your correct username and password, you must also type in the second code in order to complete the login process. Two-step verification is much more secure than a password alone, since it means that a hacker would also need your phone — a device that is in your possession — in order to access your account.
Sony's confirmation of adding two-factor authentication to the PlayStation Network comes five years to the day after a major hack of the service. The attack forced Sony to shut down the network, and exposed personal information from potentially all of its 77 million registered accounts at the time. The outage lasted 23 days, during which time Sony investigated the intrusion and then rebuilt the PlayStation Network before bringing it back online. Microsoft added two-step verification to Microsoft accounts, including Xbox Live accounts, three years ago.