Passwords have lots of flaws, including the fact that numerous websites have had their username+email+password combinations hacked, with millions of such credentials now available to be searched online. Also, passwords can be guessed or bypassed using various password recovery and reset mechanisms, including the (terrible) recovery questions ("What was your favourite XYZ") approach. And passwords can be stolen through targeted attacks such as email phishing (a common way to steal a password).

As password reset is typically done by email, your email account should have very strong security, including a strong password; typically your email account provides the key to unlocking all your other accounts.

Email such as Gmail can be secured with 2FA. Typically this is with a text message code sent to your phone, but text messages (or automated voice calls) have a major security flaw in that your phone number can be hijacked through something called SIM hijacking (basically a hacker redirects your phone number to a phone they control). Plus, this method means giving the service your phone number, which is undesirable for lots of reasons, most notoriously that Facebook took phone numbers provided for 2FA and used them for targeted advertising.

A much better option than text message 2FA is an app on your phone such as Google Authenticator, but even better than that is a hardware token, a USB security key. The two main options are the YubiKey from Yubico and the Google Titan Security Key, but the Titan Security Key isn't available in Canada. You can go down quite a rabbit hole of chain-of-custody and trust if you spend much time worrying about what a secure source is for the key.