Category: 2fa

2fa Facebook Social Media Companies Tech two factor authentication

Disabling this Facebook phone number setting is not an option

sudshr47 March 4, 2019

TwitterFacebook

Facebook is in hot water once again for how it is using the phone number users may have only provided to Facebook for security reasons. 

On Twitter on Friday, Jeremy Burge, the editor of Emojipedia, called out Facebook for its phone number lookup settings. Burge found that there is no way to entirely opt out of this setting, which governs the ability of other users to find your Facebook profile by entering your phone number in search. The best you can do is limit who can do this to “Friends.” 

What’s potentially most concerning is that some people may have only given Facebook their phone numbers to enable Two-Factor Authentication (2FA). That is, they gave their phone number to Facebook for security, and Facebook continues to prove that it’s using that number for much more. Read more…

More about Facebook, Two Factor Authentication, 2fa, Tech, and Social Media Companies

View More Disabling this Facebook phone number setting is not an option
2fa authentication google authenticator instagram multi-factor authentication Security Sms Social TC

Instagram’s app-based 2FA is live now, here’s how to turn it on

sudshr47 October 9, 2018

If you’d like to be sure you’re the only one posting elaborately staged yet casual selfies to your Instagram feed, there’s now a powerful new option to help you keep your account safe. In late September, Instagram announced that it would be adding non SMS-based two-factor authentication to the app. Instagram confirmed to TechCrunch that […]

View More Instagram’s app-based 2FA is live now, here’s how to turn it on
2fa Def Con Hackers Tech Voicemail

Hackers can seize practically all your online accounts, and it’s your voicemail’s fault

sudshr47 August 10, 2018

TwitterFacebook

Who would have thought that, in the end, it would be the humble voicemail that would do us all in?

Your Google, Microsoft, Apple, WhatsApp, and even Signal accounts all have an Achilles’ heel — the same one, in fact. And it turns out that if you’re not careful, a hacker could use that weakness to take over your online identity. 

Or so claims self-described “security geek” Martin Vigo. Speaking to an enthusiastic collection of hackers and security researchers at the annual DEF CON convention in Las Vegas, Vigo explained how he managed to reset passwords for a wide-ranging set of online accounts by taking advantage of the weakest link in the security chain: your voicemail. Read more…

More about Hackers, Def Con, Voicemail, 2fa, and Tech

View More Hackers can seize practically all your online accounts, and it’s your voicemail’s fault
2fa Breach Hack Reddit Security TC two factor authentication

Reddit breach exposes non-critical user data

sudshr47 August 1, 2018

Reddit announced today that it suffered a security breach in June that exposed some of its internal systems to the attackers, although what was accessed was not particularly sensitive. Notably the hack was accomplished by circumventing the two-factor authentication Reddit had in place via SMS interception — which should be a wake-up call to any who haven’t moved on from that method.

View More Reddit breach exposes non-critical user data
2fa Apps data breach Europe GDPR Hack Security Timehop

Timehop discloses July 4 data breach affecting 21 million

sudshr47 July 9, 2018

Timehop has disclosed a security breach that has compromised the personal data (names and emails) of 21 million users (essentially its entire user base). Around a fifth of the affected users — or 4.7M — have also had a phone number that was attached to their account breached in the attack. The startup, whose service plugs […]

View More Timehop discloses July 4 data breach affecting 21 million
2fa Facebook Social Media Companies Tech two factor authentication

Facebook finally stops screwing around with two-factor authentication

sudshr47 May 23, 2018

TwitterFacebook

Take a deep breath. Facebook just did something good.

The company announced in a May 23 blog post that it would no longer require a phone number to set up two-factor authentication, and would instead allow for the use of an authenticator app. Such apps, like Google Authenticator, are widely acknowledged to be an improvement over SMS-based 2FA.

For those unfamiliar, two-factor authentication provides a second layer of security to online accounts. In addition to the standard password, you need a second factor — usually a number texted to your cellphone or generated by an authenticator app —to login. For those who worry about phishing attempts or any kind of hacking (which should be everyone on the internet), setting up 2FA is a must.  Read more…

More about Facebook, Two Factor Authentication, 2fa, Tech, and Social Media Companies

View More Facebook finally stops screwing around with two-factor authentication
2fa Passwords Social Media Tech Twitter

Twitter thinks you should really change your password, like, now

sudshr47 May 3, 2018

TwitterFacebook

Twitter has a teeny, tiny polite suggestion for everyone on its platform: Maybe go ahead and change your password. Like, now. 

The social media company announced Thursday in a blogpost that a now-fixed bug meant Twitter passwords were stored “unmasked in an internal log,” and, yeah, whoops! 

While the company insists that it’s found no evidence of abuse, you really don’t want to wait around to find out whether or not that assessment turns out to be correct. 

In other words, it’s time for every single Twitter user to change his or her password — and potentially not just for Twitter.  Read more…

More about Twitter, Social Media, Passwords, 2fa, and Tech

View More Twitter thinks you should really change your password, like, now
2fa Facebook Security Social TC

Facebook didn’t mean to send spam texts to two-factor authentication users

sudshr47 February 17, 2018

 Facebook Chief Security Officer Alex Stamos apologized for spam texts that were incorrectly sent to users who had activated two-factor authentication. The company is working on a fix, and you won’t receive non-security-related text messages if you never signed up for those notifications. Facebook says it was a bug. But calling it a bug is a bit too easy — it’s a feature that… Read More

View More Facebook didn’t mean to send spam texts to two-factor authentication users
2fa Facebook Mark Zuckerberg Social Media spam

Facebook is so desperate for engagement, it’s spamming users via their 2FA numbers

sudshr47 February 14, 2018

Facebook is feeling lonely these days. 
The social media behemoth has seen a decline in traffic in recent weeks along with millions of users leaving its platform, and it appears to be taking rather drastic measures to win them back. Specifically…

View More Facebook is so desperate for engagement, it’s spamming users via their 2FA numbers