Dave Miller · @justdave
9 followers · 13 posts · Server techhub.social

One thing that really annoys me is sites that let you use a TOTP authenticator app for , but insist you set up 2FA by SMS first before they let you set up the TOTP. That kinda defeats the point of not having the SMS method available because it's spoofable...

#2factorauthentication

Last updated 1 year ago

Andrew Ross · @amr
76 followers · 199 posts · Server talksmacky.com

I really don't want to go back to Authy but I will if I have to.

#2fa #2factorauthentication #applewatch

Last updated 1 year ago

Andrew Ross · @amr
76 followers · 199 posts · Server talksmacky.com

What are people using for a 2FA app these days on their iPhone/Apple Watch? I’m going to have to get rid of Okta Verify because they just discontinued their excellent Apple Watch app.

#okta #2factorauthentication #2fa #applewatch #iphone

Last updated 1 year ago

Mysk🇨🇦🇩🇪 · @mysk
1408 followers · 452 posts · Server defcon.social

🎬 So this scam app is using custom product pages of Apple Search Ads to trick users. It has different campaigns per search keywords. When searching for "Microsoft Authenticator", it shows screenshots highlighting "Microsoft". and when searching for "Google Authenticator", it highlights "Google". Watch the video 🤯

It's worth noting that custom product pages need to be approved by @AppStore Connect and Apple Search Ads.
This app steals 2FA secrets and its model is very suspicious as noted below.

Friendly reminder: Mastodon uses no algorithms for discovering posts. The only way to spread the word is by boosting posts. If you think this post is helpful, boost it to reach others. Thank you 🙏

#2fa #privacy #apple #ios #cybersecuritytips #infosec #cybersecurity #security #2factorauthentication

Last updated 1 year ago

Mysk🇨🇦🇩🇪 · @mysk
1379 followers · 445 posts · Server defcon.social

The rogue 2FA app that steals scanned secrets is now ranked 18 on the German App Store for the productivity category. No wonder! The app disguises as a Microsoft app. It is the top hit when you search for "Microsoft Authenticator" and the developer has updated the screenshots in the ad card to highlight the word "Microsoft". Surprisingly, the product page of the app shows different screenshots with the word "Microsoft" removed.
The app now has 1.2K reviews, as opposed to 18 when we first addressed the app.

#privacy #security #2factorauthentication #ios #infosec

Last updated 1 year ago

Crazy-to-Bike · @crazy2bike
160 followers · 5194 posts · Server mastodon.linuxmuster.net
Mysk🇨🇦🇩🇪 · @mysk
606 followers · 194 posts · Server defcon.social

A very nice article about the phenomenon of scam authenticator apps

"In fact, an app that uploads your seeds to a server anywhere in the world is either so incompetent that you should stop using it immediately, or so untrustworthy that you should treat it as cybercriminal malware."

nakedsecurity.sophos.com/2023/

#cybersecurity #privacy #infosec #2fa #2factorauthentication

Last updated 1 year ago

Elefanten Peter · @elefant_peter
20 followers · 370 posts · Server techhub.social

[1] @mart @mysk.

• Aegis (Android & F-Droid)
App doesn’t connect to internet and requires only strict necessary permissions. Backup to Nextcloud and others (reports.exodus-privacy.eu.org/ ).

• Ente (Android & IOS, and desktop is a work in progress).
App requires more permissions (reports.exodus-privacy.eu.org/)

OTP Auth (IOS & Mac)
iCloud sync ->

#authenticator #2factorauthentication

Last updated 1 year ago

Steve · @stevewasgone
5 followers · 4 posts · Server mstdn.social

Am I reading this wrong, pr are they only offering 2 factor authentication to paying customers moving forward?

#2factorauthentication #Instagram #Facebook #Meta

Last updated 1 year ago

Rami Al-Kabra · @rami
357 followers · 1280 posts · Server pnw.zone

Why are people freaking out about Twitter promoting them to change from sms-based to app-based ? App-based is actually better! I’ve used it from day one.

(this is not my screenshot. I borrowed it)

#2factorauthentication #2fa

Last updated 1 year ago

Youssef | يوسف · @joekd1
323 followers · 527 posts · Server mstdn.social

@MonicaBooth The most confusing thing is that SMS is not the most secure option for 2FA due to possibilities for sim swapping and other vulnerablitied. Authentification apps are recommended by security experts. So he is keeping the worse option for paying users? So weird

#birdapp #2factorauthentication #2fa #TwitterNews #ElonMusk

Last updated 1 year ago

MCF · @mfetherolf
3 followers · 9 posts · Server cyberplace.social

I wonder if any like or are planning yet for threats?
And as a nontechnical consumer, I’m wondering: will protect one from a attack?

#passwordmanager #lastpass #bitwarden #postquantum #quantumcomputing #2fa #2factorauthentication #quantum

Last updated 2 years ago

Zeke · @zekefeu
5 followers · 94 posts · Server techhub.social

Does anyone have negative feedback about ? Issues we should be aware of ?

#BitWarden #passwordmanager #2fa #2factorauthentication

Last updated 2 years ago

MCF · @mfetherolf
3 followers · 6 posts · Server cyberplace.social

Took me a minute but here’s how to get on mastodon .
1. Settings
2. Boring Stuff
3. Hamburger, upper right
4. Account Settings

#2fa #2factorauthentication

Last updated 2 years ago

Peter Nimmo · @Peternimmo
475 followers · 653 posts · Server mastodon.scot
Fabian Kern · @fabzgy
184 followers · 393 posts · Server freiburg.social


Ich bin auf der Suche nach einer App für Android. Gerne auch aus dem @fdroidorg App Store. Wer hat da gute Erfahrungen mit welcher App gemacht?

#followerpower #2factorauthentication #hilfetrot

Last updated 2 years ago