Liste des Groupes | Revenir à cm android |
"Carlos E.R." <robin_listas@es.invalid> Wrote in message:There was an attack on Orange, basically breaking all internet service, and it was commented that had the attacked machines (RIPE database?) used a simple 2FA, the attack would not have succeeded.
On 2024-03-09 20:24, Newyana2 wrote:Exactly. Banking regulations require them to use 2FA and SMS is a"The Real Bev" <bashley101@gmail.com> wrote>
>
| WTF? Why is the google voice number not a REAL phone number?
|
As V said, the simple answer is that they want to spy.
No, that's not it. Not for a bank.
>
They want to know that you are an actual person with a phone and
contract. They have to trust the company giving those numbers.
simple and cheap way of doing it. Not very secure, though more
secure than email. Also it's easily understood by customers, and
that's very important. AMEX send me _both_ an SMS and an email,
which is convenient but more insecure - an OTP should go to
exactly one device.
I have a TOTP client on both my phone (FreeOTP) and tablet
(andOTP) but none of my UK banks or savings accounts uses them.
One bank provides me with an OTP gadget, but that was before 2FA
became a legal requirement. I can also use their banking app to
generate a code: I think that's what will replace SMS for most
people.
That banks or banking authorities are actually thinking about the
security of these SMSs and refusing to send them to some mobile
services is vaguely encouraging.
Les messages affichés proviennent d'usenet.