in

Please disable SMS authentication for your own safety: SMS OTP Diversion attack

Please disable SMS authentication for your own safety: SMS OTP Diversion attack



View Reddit by thanatosvnView Source

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

10 Comments

  1. Everyone should atleast use authenticator atleast like authy or google authenticator. But best is to buy some yubikeys and setup a password manager that is guarded by the yubikeys, an email address guarded by yubikeys and your exchange accounts guarded by yubikeys

  2. If people don’t know this by now they just aren’t trying.

    1. Don’t use SMS auth
    2. If you have more than $100 in crypto, buy a $20 yubikey (hardware 2FA)
    3. If you have more than $1000 in crypto, buy a $60 hardware wallet (hardware 2FA)
    4. Stop using shitty email providers with your exchange account
    5. Stop reusing user ids across accounts
    6. Stop using shitty passwords

  3. Also, fortify your first factor. Enabling 2FA isn’t a replacement for actually having a good password. And never reuse the same password on more than one site.

    Just like you need your wallet private key to be random, the best passwords are random. Not random-looking. Actually random. Use dice if you have to. Because if your human brain can generate a password, so can another human brain.

    It might take some time for you to memorize a 12-14 character string made up of letters (lower and upper case), numbers (and throw in a symbol so the password passes strength tests some sites enforce), but you can do it. You probably can’t do this for every site, though, so just use a secure password manager locked by your actually-random password.

    If you use this kind of password to protect all your other passwords (which should also be random) in a password manager, and you’re sure to never enter your master password into any potentially-compromised device, you shouldn’t even need to ever change it.

What do you think?

Bitcoin Signals Bull Run after Formation of Golden Cross

Circle the firm behind USDC Subpoenaed by US SEC

Attorney Breaks Down The Good, Bad, And Ugly Events To Expect From The Ripple vs. SEC Case This Month

Attorney Breaks Down The Good, Bad, And Ugly Events To Expect From The Ripple vs. SEC Case This Month ⋆ ZyCrypto