Two-step authentication has arrived, belatedly, for Sony’s PlayStation Network.
This means Sony’s (SNE) stable of supported devices, including the PlayStation 4, PlayStation 3, PS Vita, and PlayStation Portable, will finally provide the sort of protection they arguably should have had years ago. You can sign up online here.
The idea behind two-step authentication is as simple as it sounds: You have to provide two forms of identification to access your account. And the two forms are tethered with a realtime interlink. Enter your password, and the process sends a code to your mobile devices, which you then enter into a second authentication box to complete the validation process.
Yes, it’s a bit of extra busywork if you don’t leave your system signed in (especially since you’re inputting case sensitive alpha-numerics with a gamepad). But it’s ground floor common sense to use two-factor. Sony’s left it optional, but I’d consider it mandatory.
Get Data Sheet, Fortune’s technology newsletter.
That it took the company this long is a bit of a mystery, given that it became the face of online insecurity five years ago. And it’s had plenty of trouble since. But that’s also hindsight. And while the PlayStation Network continues to suffer rare outages from denial of service attacks, no one’s managed to abscond with the sort of personal information that defined the 2011 fiasco.
This story originally appeared on Time.com.