Two factor auth via SMS — just don’t

Photo by Andrej Lišakov on Unsplash
legitimate SMS from Google
  • The two factor code which was sent to you
  • Your phone number
  • Know your email
  • Know your phone number
  • Have access to the two factor code
Just go to reset password and try another way
Now the guy has to enter your phone number
He has to enter the code.
Hacker types in the new cool g33ky password…
voila!
Make sure 2-Step is ON, but SMS or voice options are removed.
  • Security keys: These are hardware keys which you can buy and register under you account. This is the most secure 2-Step
  • Phone popup: A popup appears in a phone which you have signed in with your Google account
  • Authenticator app: Install the app and add it into your account by scanning a QR code. You no longer need to be online in the phone to get the code. It will be calculated in your device
  • Phone security key: I am actually unaware of how this works. I tried and it failed me :(

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What is “Watchbog” and how to remove it. Common steps for removing malware from linux systems.

Thwarting ransomware: Insights from EVIL-Ution webinar

{UPDATE} Oil, Inc. - Idle Clicker Hack Free Resources Generator

{UPDATE} Amphibious Excavator Crane Hack Free Resources Generator

Questioning digital communication in the COVID 19 era

HackenAI - optimizing cybersecurity services via VeChainThor blockchain.

Looking To The Future: A CISOs Biggest Challenges

Breaking Through Another Side: Bypassing Firmware Security Boundaries

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tharaka Devinda

Tharaka Devinda

More from Medium

Sigma Rules

The Conti Leaks emphasize the need for detection based on threat behaviors

CREST CPSA Exam Review 2022

Defensive Cybersecurity in Times of Crisis: How to Secure What Really Matters