The Obama campaign fought against election hacking with security keys during both the 2008 and 2012 presidential elections, CNET reports, citing Stina Ehrensvard, Chief Executive Officer of cybersecurity solution provider Yubico. The company provided the Democrats with its two-factor authentication solution in the form of Yubikeys, a series of physical two-factor authenticators meant to combat phishing and other attack vectors that could grant hackers control of one’s email and other aspects of their digital identity.
Hillary Clinton’s campaign opted not to use two-factor authentication and subsequently had many of its staffers compromised, with thousands of their emails gradually leaking in the run-up to the 2016 presidential election. Due to the thin margins that decided the winner — then-candidate Trump won the electoral vote but lost the popular one by some three million — the hack and the negative publicity that followed are widely believed to have at least partially caused the defeat of the former Secretary of State. Two-factor authentication prevents the vast majority of cyber attacks aimed at stealing someone’s online profiles as it prevents hackers from logging into victim accounts even if they manage to obtain their login credentials since they still don’t have access to a physical key that usually comes in the form of a USB device which must be plugged into every client trying to use the owner’s credentials.
Special Counsel Robert Mueller indicted over two dozen individuals and three entities from Russia over organized efforts to meddle in the U.S. democratic process, i.e. attempt influencing the outcome of the last presidential election. The last wave of indictments came in mid-July, with more possibly being set to follow suit as the former FBI Director’s investigation continues. It’s currently unclear whether the Trump campaign used two-factor authentication during the presidential race. The hack that compromised the Democratic candidate saw DNC Chairman John Podesta’s email hacked via so-called “spear-phishing,” hacks masking as legitimate emails prompting users to change their passwords which unsuspecting victims end up sending to their tech-savvy hackers.