Discover and read the best of Twitter Threads about #2factorauthetification
Most recents (2)
What you should do instead of SMS #2factorauthetification is use something like an authy app. @1Password has one built in but there are others. Authy is a mobile and desktop application that provides two-factor authentication (2FA) services to help secure your online accounts.
You download and install the Authy app on your device.
You set up two-factor authentication for your online accounts that support Authy. This involves scanning a QR code or entering a code into the Authy app.
You set up two-factor authentication for your online accounts that support Authy. This involves scanning a QR code or entering a code into the Authy app.
Whenever you log in to a supported account, you enter your username and password as usual, and then you are prompted to enter a code generated by the Authy app. This code changes every 30 seconds, and only you can access it through the Authy app on your device.
The whole #2factorauthetification thing and why SMS is a bad idea.
SMS messages can be intercepted or redirected by attackers, which could allow them to bypass the 2FA protection.
SMS messages can be intercepted or redirected by attackers, which could allow them to bypass the 2FA protection.
SIM swap attacks can be used to steal a victim's phone number, which would allow an attacker to receive 2FA codes sent via SMS. SMS messages can be delayed or lost, which could prevent a user from receiving their 2FA code in a timely manner and potentially lock them out of their
account. SMS-based 2FA is vulnerable to phishing attacks, where attackers can trick users into giving up their 2FA code by sending a fake login page and asking for the code.
