Posted on 01/24/2024 8:02:10 PM PST by 11th_VA
In my experience, maybe 10% of sites have moved beyond SMS 2FA to Authenticator verification. Most companies are stuck in the past which is frustrating.
You also have biometric authentication, either fingerprint or facial which I use as often as possible on sites that support it. But again, few sites support biometric authentication even though it is nicely integrated into phone and computer OS’s.
“Luckily I dont do banking on my phone”
Same here. Only on my desktop computer at home
I would recommend using as few checks as possible, and avoiding mailing them.
Checks have your account number and bank routing number on them, key information for scammers.
My wife uses too many misc. checks, and I am trying to get her to break the habit. Do not write a check at the nail salon or spa.
The NSA tried to tell people to stop using cell phone based two factor authentication. It was too cool of a function and people loved it, so they refused to discontinue it. Feeble minded people run companies and things like animation, popups ads, gateway ads, interstitial ads, and cellphone based authentication, easily impress them.
“The best security is to use either an authenticator app or a physical token like a YubiKey. “
You completely miss the point giving that bad advice.
Anyone can gain easy access to your device or device account and that makes such devices unsecure.
bkmk
Hardly bad advice. In fact, It’s the best advice possible. A physical token you possess and separate from your phone is the very best possible security. I’ve been using Yubikey for over twenty years for that reason.
Of course you can live in a totally unconnected world and still write paper checks delivered by USPS. As we all know, nobody has ever forged a check before.
Way too expensive.
You still have to trust what the company claims. How easy is it to prove they don’t copy out the information you put into it?
Cloning a phone exactly is well-known technology but it requires access to the original phone. However, when buying a new phone Verizon, AT&T, etc all offer to transfer your old data to the new phone at your request. Your data is copied somewhere and then copied back to the new phone. But what happens to the original copy that is in the phone company’s possession? The answer to this question may reveal a problem with securing your data while it exists in the provider’s care.
Rarestia, that is an option of financial institutions that we can't turn off. Banks even ask you if you'd like your password reset sent via SMS or email. If you are the crook, you tell that website, “Sure, I would love getting my account reset via SMS!”
If still working, only need Part A. Had no idea you could pay ANY medicare without ss$.
Instead of paying big bucks at big companies, use one that doesn’t have stores...Puretalk is one. We are quite happy with them n only paying third of what att wanted.
Every thing that you do online is captured somewhere.
I pay for LifeLock and so far they have been very good at saving me the grief of fighting cases where my credit info was stolen and used for purchases that I didn't make.
Over the years, they intervened 3 times and while the losses weren't massive they were all in the thousands and the grief saved by having them take care of the BS was worth every penny I've spent with them.
Like any insurance policy, most times the coverage is never used {and that's a good thing} but if needed, better to have it than wish you did.
Thanks. All those small companies use the big networks, anyway. Good point about their lower costs by not having physical stores.
I do zero business on my phone - this helps validate that decision...
Feel free to do so. Your notes are performing a public service.
Choose forgot password.
Actually 2fa is better. Just don’t use the phone number type. Get the Microsoft or Google authenticator.
Bookmark
I’ve heard the argument before that phone numbers have become a default digital ID. People don’t change them when they change phones and it’s far more convenient to keep the same number.
It’s my understanding that this is why so many web sites now ask for your phone number. It’s not to “make your access more secure”, it’s so they can collaborate with other businesses that also ask for your number. You can have different user-names across the board, they have no idea who you are, until you give them your number...then they can identify accounts across any system.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.