this post was submitted on 19 Nov 2021
50 points (100.0% liked)

Technology

34830 readers
16 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] kixik@lemmy.ml 4 points 3 years ago* (last edited 3 years ago) (1 children)

But this are randomly generated numbers, short term lived. They don't make any sense to anyone, if not having the other authentication factors, in the multi factor authentication. That's why they are multi factor (2nd in most cases). And those banks token apps, I guess they provide client server encryption, which bumps up security on the token sent a bit, but in my mind not enough to say just because you receive SMS tokens, it's quite easy to get into you bank account, without having all authentication factors at hand, and all the time, remember those tokens are short lived.

[โ€“] ArtilectZed@lemmy.ml 3 points 3 years ago* (last edited 3 years ago)

They aren't going to bother trying to get the 2fa code until they already have your password, and by then, it's already too late.

Like this kid, did a SIM swap attack and hijacked 2fa codes.

https://www.engadget.com/canada-cryptocurrency-arrest-171617452.html