Quote:
Originally Posted by kq76
Are you talking about MFA / 2FA wrt sim swap scams or the better password management topic in general? Because for me, I honestly thought MFA was maybe the pinnacle of security, but now it sure sounds like if they're successfully able to swap your sim card and you rely on MFA, then you're screwed. Am I mistaken? I get it, to be safe you should follow the steps on the placard she holds up at 9:31, but I still find it scary and makes me think I should disable MFA at least for my banking.
I'd love to get eriq's take on this too, and anyone else who's more knowledgeable than myself on this.
I also added the point about phone app authenticators to the OP. I knew about them before, but I didn't think to add the point and with some of the videos I recently watched it sounds like they're the pinnacle, not MFA. |
I’m talking about sim swap scams. Yes, they mean MFA is not inviolable but it’s still a major step for a potential hacker to take and for the vast majority of users and companies that’s enough for them to not bother. If you’re Visa or the US gold reserve, sure, you need more. I’ve worked at multiple places who used a dongle and I think those are also hard (although I’m sure not impossible) to spoof or bypass.