[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: two-factor authentication

 > From: Flora  <http://www.gmail.com/~flora>
 > Date: Fri, 22 May 2015 05:31:29 -0400
 >
 > Try it yourself â?? go to the service youâ??ve secured with two-factor 
 > authentication and pretend youâ??ve lost the code. See what it takes to get in.
 > 
 > http://www.howtogeek.com/212219/heres-how-an-attacker-can-bypass-your-two-factor-authentication/

So, here's what I do:

 1) Do not use an SMS service for the 2-factor authentication.
 2) Use a temporary email addresses for each service for the 2-factor
    authentication.  Each of my banks has a unique email address.

Obviously, it's not perfectly secure, but it's unlikely that they would
find out my temporary email address, unless the perpetrator gets into my
temporary email address service -- that is my weak link.

Re: phone numbers.  I never give my phone number to anybody if I can help
it -- I always prefer email, anyway.  (I use my voicemail when I do have
to give a number 'cause I hate junk/spam calls.  And I almost never give
my real, standard email address -- only a temporary email address.  But, I
think these things are less about security than about personal
preference.)


Why do you want this page removed?