Kudos to people like @shehackspurple, @RayRedacted, @AlyssaM_InfoSec who have been trying to convince (yes, sometimes with success) companies to do better. That’s how we can help make a difference. Not by fighting each other about what the most secure solution is.
-
The problem that you are describing is so common in consumer banking that it makes me wonder if there’s a reason behind it. Do you know of any reason why banks don’t use a more secure method?
-
I don’t know. Of course some banks will implement additional layers of security which the user doesn’t necessarily see. Also I have the feeling (can be wrong though) that in Belgium for instance it’s a bit better. At least my bank and a few others I know do a good job.
-
When the 2FA options are SMS and email, which do you choose?
-
I would go for the email account if I can protect it with proper 2FA (software tokens or better). If not, then SMS.
-
SMS MFA is just fine. It’s much, much better than passwords alone, is rather easy to build for devs, and consumers can protect themselves even more by putting a passcode on their phone account to avoid phone SIM/IMEI takeover attacks. The anti-SMS-MFA calls are overblown.
-
I agree it’s overblown and SMS is much better than no 2FA. But for a banking site I expect and want better.
-
100% agree that SMS 2FA is much better than nothing. But it is very surprising to me that this is the state of affairs in the US. In Brazil all major banks use software OTP on their mobile app, hardware OTP tokens, or both. Plus ATMs use biometric FA in addition to card and PIN.
-
Fun fact: American Express passwords are not case sensitive.