Ase Deliri Profile picture
Feb 20 14 tweets 3 min read
What you should do instead of SMS #2factorauthetification is use something like an authy app. @1Password has one built in but there are others. Authy is a mobile and desktop application that provides two-factor authentication (2FA) services to help secure your online accounts.
You download and install the Authy app on your device.
You set up two-factor authentication for your online accounts that support Authy. This involves scanning a QR code or entering a code into the Authy app.
Whenever you log in to a supported account, you enter your username and password as usual, and then you are prompted to enter a code generated by the Authy app. This code changes every 30 seconds, and only you can access it through the Authy app on your device.
Benefits of using Authy:
Increased security: With Authy, even if an attacker manages to steal your password, they will still need access to your device in order to generate the 2FA code and gain access to your account.
Ease of use: Authy simplifies the process of setting up and using 2FA by providing a single app that can be used with multiple online accounts.
Multi-device support: Authy allows you to sync your 2FA tokens across multiple devices, so you can access your codes from
your smartphone, tablet, or desktop computer.
Backup and recovery: Authy provides a backup and recovery feature, which allows you to recover your 2FA tokens in case you lose or replace your device.
Compatibility: Authy is compatible with a wide range of online services and websites, including Google, Facebook, and Dropbox, making it a versatile option for securing your online accounts.
The technical aspect of timing in Authy relates to how it generates and validates the one-time codes used for two-factor authentication (2FA). When you set up 2FA with Authy, a shared secret is established between the Authy app and the online service or website that you
are securing. This shared secret is used to generate one-time codes that are valid for a short period of time, usually 30 seconds.

To generate the one-time code, the Authy app uses the shared secret and the current time, which is obtained from a time synchronization server.
This time synchronization is important because it ensures that both the Authy app and the server are using the same time when generating and validating the one-time code.
When you log in to a service that is secured with Authy 2FA, the service will ask for the one-time code generated by the Authy app. The service then independently generates a one-time code using the shared secret and the current time, and compares it to the one-time code provided
by the Authy app. If the codes match, the service grants access.

The short time window for the one-time code is important for security, as it limits the amount of time an attacker has to use a stolen code to gain access to your account. The time synchronization between the
Authy app and the server is also important, as any deviation in time could result in a one-time code that is no longer valid, or that is generated too far in advance or too far in the future. This is why Authy relies on time synchronization servers that provide
highly accurate time, to ensure that the codes generated by the app are always valid and that your accounts remain secure.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Ase Deliri

Ase Deliri Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @AhsanDeliri

Feb 20
The whole #2factorauthetification thing and why SMS is a bad idea.
SMS messages can be intercepted or redirected by attackers, which could allow them to bypass the 2FA protection.
SIM swap attacks can be used to steal a victim's phone number, which would allow an attacker to receive 2FA codes sent via SMS. SMS messages can be delayed or lost, which could prevent a user from receiving their 2FA code in a timely manner and potentially lock them out of their
account. SMS-based 2FA is vulnerable to phishing attacks, where attackers can trick users into giving up their 2FA code by sending a fake login page and asking for the code.
Read 4 tweets
Feb 14
Why don’t people constantly using machines see results?
1) Machines have to be profitably mass produced and cater to everyone. Square holes. Round pegs.

2) Generally a pulley system divides the weight you use. Some machines use 3 pulleys further dividing the load. Image
It’s how we build things when machines weren’t around. The trade off is you have to pull over a longer distance but the pay off is you don’t have to apply as much effort. If it’s a single pulley, it’s not divided. Anyway. To sell to people, give them the motion. Image
Let them feel like they are accomplishing things. Even if what they are accomplishing is 1/4 of what they are doing. That beats nothing right? Gyms have a magic problem per @rorysutherland. They need you to feel good even if what you are doing is a waste of time.
Read 4 tweets
Feb 14
Compare that India was forced and given British common law. The underlying structural values mapped onto Hindu scriptures and the Indians forked that which was originated in Greece. You can't force things on to people. People have to question the underlying values
and accept/reject it. The Indians took the democracy kernel forked from Britain and wrapped with APIs from their religious scriptures and made a whole new thing that generates stability and value to their people and serves that nation.
Contrast what the Americans did to Afghanistan. They not only forked the best version of Democracy but they also gave them the ABIs & the fundamental bare metal APIs. What did the Afghans do? They saw the errors of mapping freedom/democracy with their faith and balked.
Read 6 tweets
Jan 14
Noticing a trend:
The max vaxxer who got it wrong now are playing 2 games.
1) imagine things were worse. 🙄
2) we made best decision we could based on the facts of the time.

Look fuck wit, you sound like a degenerate gambler who lost and now is claiming that others got lucky.
We know you’re a soulless bunch of ghouls. How do we know this? Because you keep tweeting about your psychotic fantasies of imagining yourself being right. Ironically one of the clowns on that side made a living shorting big claims. Now he’s on the losing end.
Can’t even take the L with dignity and honour. Instead you keep doubling down like the moron who lost the house at the casino. Mad at the rest for not even playing. Here’s what you will never live down. You wanted non conformist to be treated the way Jews were treated by Nazis.
Read 4 tweets
Jan 13
The prodigal son story. You heard of it? Gospel of Luke. So what’s the story about? Why does the father forgive the asshole son? Why does the good and obedient son get shafted when the father welcomes back the arrogant son back into the fold?
The arrogant son is your youth. He wants to change the world. He just wants his fair share to help with the jump off. When he comes back, it’s your higher inner Self. You have to accept your youthful indiscretions. That’s the power of the story. It’s why it keeps surviving.
It’s our story. Everyone single one of us goes through that stage in life. We are the new saviour and need our shot at making the world better. Helps explain all the youthful souls enamoured with protesting and embracing communism. They can be understood as ignorant.
Read 4 tweets
Dec 26, 2022
Reality and facts. You can ignore facts. If they are lower case f facts. You can ignore reality if it’s lower case r reality. What you cannot ignore is capital R reality. Confused? Ok “beautiful at any weight.” See the lower case f and r?
In sales we know this. We use different words based on the end goal. If we want to sell to you, we get you to ignore the small f facts and focus on the possibilities of big R realities. How you frame something is just the game that’s played. Amplify the facts you like
to sell the Reality you want them to buy. I’m not financially able to buy that. That’s a big F fact that salesman can re-direct. How? We tell you to focus on the value that can be created once you’ve attained the new thing.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(