fne8w2ah@lemmy.world to Technology@lemmy.worldEnglish · 9 months agoSIM-swapping ring stole $400M in crypto from a US company, officials allegearstechnica.comexternal-linkmessage-square13fedilinkarrow-up1113arrow-down15
arrow-up1108arrow-down1external-linkSIM-swapping ring stole $400M in crypto from a US company, officials allegearstechnica.comfne8w2ah@lemmy.world to Technology@lemmy.worldEnglish · 9 months agomessage-square13fedilink
minus-squareshortwavesurfer@lemmy.ziplinkfedilinkEnglisharrow-up24·9 months agoAnd this is why smart people don’t use text message to factor authentication, if at all possible. App based OTP is much safer
minus-squareshortwavesurfer@lemmy.ziplinkfedilinkEnglisharrow-up4·9 months agoExactly. I don’t have a physical key because I would want one that has open source hardware and software.
minus-square/home/pineapplelover@lemm.eelinkfedilinkEnglisharrow-up1·edit-29 months agoI believe Solokey is a brand that makes open source hardware keys. Edit: they might only be fido 2 level 1 and not level 2 like yubikey Edit 2: apparently there’s also openkey and nitrokey so those are some more options for you.
minus-squareshortwavesurfer@lemmy.ziplinkfedilinkEnglisharrow-up1·9 months agoThanks, I will check them out, though, that only being level 1 could be a problem.
minus-squarePlantObserver@lemmy.worldlinkfedilinkEnglisharrow-up6·9 months agoI wish the companies that decide to only allow SMS 2FA (or none at all) will fucking realize this sooner rather than later
minus-squarehitmyspot@aussie.zonelinkfedilinkEnglisharrow-up2·9 months agoOr at least be held liable for any losses.
And this is why smart people don’t use text message to factor authentication, if at all possible. App based OTP is much safer
And yubikey
Exactly. I don’t have a physical key because I would want one that has open source hardware and software.
I believe Solokey is a brand that makes open source hardware keys.
Edit: they might only be fido 2 level 1 and not level 2 like yubikey
Edit 2: apparently there’s also openkey and nitrokey so those are some more options for you.
Thanks, I will check them out, though, that only being level 1 could be a problem.
I wish the companies that decide to only allow SMS 2FA (or none at all) will fucking realize this sooner rather than later
Or at least be held liable for any losses.