Hacker Read

theprop · 2017-06-12 03:54:28+00:00

Wow! What's the easiest way to stop this kind of attack? Stop all two-factor authentication?

joeblau | karma 3901 | avg karma 2.2 · | 2013-02-20 14:11:23+00:00

Does enabling 2 factor auth help stop this attack?

Metrop0218 | karma 284 | avg karma 2.49 · | 2013-12-18 15:28:50+00:00

I highly recommend enabling the two factor authentication feature. I got my account targeted by some botnet and was breached several times regardless of how ridiculous my password was. Of course, this all stopped the moment I started using two factor auth.

sgroppino | karma 355 | avg karma 3.03 · | 2017-07-30 22:12:03

I'd have though that two-factor authentication could have prevented this type of attack?

TwoBit | karma 2039 | avg karma 1.83 · | 2015-09-17 16:10:39

I'm not sure 2 factor would help. The hackers could echo his 2 factor key he typed into their fake login page to the real login page.

jaggs | karma 732 | avg karma 1.2 · | 2013-01-20 19:27:52+00:00

Yeah got it. Two factor authentication. That will kill it stone dead, won't it?

jdavis703 | karma 7391 | avg karma 2.93 · | 2021-09-02 12:26:33

Enable two-factor authentication and disable app passwords. That should be enough to stop this particular type of scam.

paraschopra | karma 8514 | avg karma 3.81 · | 2011-06-27 08:23:31+00:00

Just enabled 'Two factor authentication'. Thanks for writing this. Made me realize the loss I would incur if my account gets hacked.

droithomme | karma 7759 | avg karma 3.17 · | 2017-06-11 20:15:39

Two factor authentication is nothing more than a massive vulnerability. We've seen people somehow change our listed contact numbers through unknown exploits, then hijack ownership of properties using the new number to prove they are us. This wouldn't be possible if not for 2nd factor authorization schemes.

aaronwalker | karma 48 | avg karma 1.12 · | 2022-07-01 16:52:07

Hmm. Makes me wonder about the security of two factor authentication schemes. For scams like these it's pretty obvious that someone is trying to access your account, but I do wonder if there are more secure ways to verify your identity when changing account settings.

EthanHeilman | karma 5606 | avg karma 5.18 · | 2012-09-20 12:31:36+00:00

Someone can just steal your two factor authentication token by asking for one at a forged login page.

brown9-2 | karma 15736 | avg karma 3.87 · | 2011-09-01 09:30:13

I imagine this is why the parent poster mention enabling two-factor authentication first.

pkhamre | karma 169 | avg karma 1.42 · | 2012-06-29 13:40:17

Even google's two factor authentication got hacked. How do you seceure yourself for something like that?

was_boring | karma 705 | avg karma 2.7 · | 2016-12-29 23:01:41

That's super annoying. The 100 person startup I'm at uses 2 factor authentication! It's so easy these days there is no technical excuse anymore.

pmichaud | karma 4320 | avg karma 4.28 · | 2022-06-03 17:38:19

Two Factor Authentication.

justindocanto | karma 558 | avg karma 2.09 · | 2017-02-16 19:58:32

Two factor authentication.

mcv | karma 23993 | avg karma 2.57 · | 2014-04-10 09:33:07+00:00

Yeah, that's not something that should count as two-factor authentication. It's just single factor authentication with a warning.

tinco | karma 11728 | avg karma 3.67 · | 2018-12-27 10:42:14+00:00

It's not called two factor authentication. Two factor authentication is when you have two factors for authentication. This is just one..

sp332 | karma 55607 | avg karma 2.75 · | 2014-07-09 15:50:04

That's not two-factor authentication.

shadesandcolour | karma 405 | avg karma 2.04 · | 2012-06-12 09:06:58

Two factor authentication is still, in my opinion, the strongest way to go. This case is really the phone company's fault, maybe they'll learn from this and start teaching the customer support reps what the difference is between a correct password and an incorrect password.