by notzorbo3 2994 days ago
The beauty of it is cases like Google's. They have this bizarre 2FA security-theater Google Authenticator thing, but then nearly force everyone to have their phone number as a "backup device".

Guess what they send you when you forget your 2FA or password? Yep, an SMS. So out the door goes the whole point of 2FA. Your three factors (account name / email address + password + Google Authenticator) have now been reduced to one factor: your email address.

I can rent a mobile tower in Malaysia or some other Asian country, advertise your phone number as roaming there for about €10/h and start intercepting all your shit. Or just get your telco's inept service dept to forward your number somewhere else.

Lessons here:

1. Even the giants get it wrong.

2. There is no security anywhere in the tech world. Literally everything is broken. Your electronic car locks / starter system, your phone, your internet, everything is horribly horribly horribly broken beyond any imagining, even for hyper-tech savvy people.

3. Remove your phone number as a backup device from your Google account and never use it as a backup device ever again.

3 comments

Once you add another factor you can remove SMS from your Google account. I’ve done it with all of mine.

Edit: Oh, you said that.

I just removed my SMS from Google auth, thanks! And set up an Authenticator (Azure). I would like to see a world where we start removing SMS (and old passwords) from existing accounts.