Android Police

Articles Tagged:

2fa

52

Your carrier will let basically any competent criminal hijack your phone number

One of the key pieces to our digital identities, whether we like it or not, is our mobile phone number. You likely use it one way or another in a two-factor authentication login (you shouldn't). Thing is, as it's been demonstrated quite a few times, they can be easily hijacked in a few easy steps by malicious actors ringing up carriers' customer service representatives — many of whom are all too understanding in helping users out of what's supposedly a stressful situation. So, just how easy is it to steal someone's phone number on a prepaid network? Researchers at Princeton University say extremely so in a recently published whitepaper draft.

Read More
18

Two-factor authentication should be mandatory for all of your accounts, and it's time for companies to step up

Today, Vice published a story detailing the abysmal security practices of Amazon's Ring brand of smart home security and surveillance products after a spate of compromised passwords (which have been inaccurately described as "hacked," even by The New York Times, who should know much better) led to terrifying privacy breaches for consumers across the US.

Compromised passwords are an extremely common source of account breaches, whether as part of account dumps on the dark web or through simple social engineering. Passwords are, for all of their virtues, very bad as security measures. In a world full of bad actors looking to compromise your personal privacy for the sake of spying on you or taking advantage of you financially, your password should be one of several lines of defense protecting you.

Read More
16

Google rolling out SMS verification code autofill to Android

Certain apps are able to automatically input SMS verification codes through Google's SMS Retriever API. If the app doesn't utilize the API, Android Messages is able to detect those codes and let users copy them right from the SMS notification. Now, it appears that Google is about to close the gap by having its own Autofill service pull SMS verification codes all by itself with the latest Google Play services update.

Read More
9

Arlo releases new Android app with two-factor authentication support

Arlo spun off from Netgear a while back, but it's been using the same Netgear-signed app the whole time. Starting today, there's a new Arlo app under a new Play Store listing. The updated app looks the same, but it adds an important feature in the form of two-factor authentication.

Read More
8

Google Titan Security Key now available in Canada, France, Japan, and the UK

Google's two-factor authentication hardware key, the Titan Security, has been available in the US for almost a year. After disappearing from the Store for a few months and a Bluetooth flaw that required Google to send free replacements, it's now making its way to four other countries.

Read More
15

OneDrive's new Personal Vault puts extra security on your sensitive documents

You can pretty much stick a file manager interface onto any app you want. But when it comes to actual personal storage apps, be it local or in the cloud, developers could always go further by installing an enhanced-security enclave — where particularly sensitive files can be stored and accessed only through further authentication. Microsoft recently decided to give OneDrive customers such an extra layer, branding it as their own "Personal Vault."

Read More
12

Google finds flaw in Bluetooth Titan Security Keys, will provide free replacements

Google released the Titan Security Key last year, as part of the company's growing focus on two-factor authentication. The kit comes with a USB Type-A key and a battery-powered Bluetooth/NFC key, and both could be configured as 2FA methods with Google accounts. The last thing you want in your security key is a security flaw, but that's just what has been discovered.

Read More
16

Android's built-in security key now rolling out to all Android 7.0+ devices

Last month, Google started testing a new way to use Android phones as a two-factor authentication keys. While cloud-based 2FA has been available on Android for years, the new method is hardware-based. The new feature is now rolling out to all Android 7.0+ devices worldwide.

Read More