Naver beefs up security protocols for user IDs

Naver introduced a two-step login function to prevent online identity theft in the wake of the controversial Druking scandals. But there are doubts that greater security would do anything to discourage manipulation of public opinions through comments on articles posted on the country’s largest internet platform.

The new function is a two-step system: After a user logs onto the website, a push alarm will be sent to his or her smartphone asking for verification of the login attempt. It was added as a function for account security on April 18.

“Even if somebody knows your account and password, the login will be finalized only through verification through the user’s mobile device,” said the company Sunday. “This will prevent ID theft in advance and also immediately inform users of false login attempts.”

The push alarm login is a simpler version of the two-step account security function using one-time passwords, called OTP in short. Users who choose to use OTP logins input a temporary code received from Naver’s mobile app. Google has a similar two-step verification function that sends OTP through a user’s phone.

Although this is safer than the conventional one-step login, it wasn’t popular among users, who thought checking for an OTP and typing it again was inconvenient.

Naver’s two-step login option is not automatically set for everyone.

The user first has to download Naver’s mobile app or upgrade it to the most recent version. Then, it has to activate the two-step verification function at Naver’s account management page on its website.

Account security recently rose as an issue for Naver following the scandal in which a power blogger using the online alias Druking was found this month to have led a team to forge comments and “likes” on the website’s news section platform as campaigns in favor of and against President Moon Jae-in.

The case shed light on illegal businesses that sold hacked IDs or even created faux accounts. Druking and his team reportedly used more than 2,000 Naver IDs.

The portal site came up with its first set of measures on Wednesday including a policy to limit the number of comments to three per day on each article from the previous 20.

However, some said the limits would have little effect if the company fails to come up with a fundamental way to cope with illegal ID purchases.

BY SONG KYOUNG-SON [song.kyoungson@joongang.co.kr]