Android Police

Articles Tagged:

two-factor authentication

48

Your carrier will let basically any competent criminal hijack your phone number

One of the key pieces to our digital identities, whether we like it or not, is our mobile phone number. You likely use it one way or another in a two-factor authentication login (you shouldn't). Thing is, as it's been demonstrated quite a few times, they can be easily hijacked in a few easy steps by malicious actors ringing up carriers' customer service representatives — many of whom are all too understanding in helping users out of what's supposedly a stressful situation. So, just how easy is it to steal someone's phone number on a prepaid network? Researchers at Princeton University say extremely so in a recently published whitepaper draft.

Read More
18

Two-factor authentication should be mandatory for all of your accounts, and it's time for companies to step up

Today, Vice published a story detailing the abysmal security practices of Amazon's Ring brand of smart home security and surveillance products after a spate of compromised passwords (which have been inaccurately described as "hacked," even by The New York Times, who should know much better) led to terrifying privacy breaches for consumers across the US.

Compromised passwords are an extremely common source of account breaches, whether as part of account dumps on the dark web or through simple social engineering. Passwords are, for all of their virtues, very bad as security measures. In a world full of bad actors looking to compromise your personal privacy for the sake of spying on you or taking advantage of you financially, your password should be one of several lines of defense protecting you.

Read More
6

[Update: Now available] Google Titan security key updated with USB-C

Security breaches and phishing attacks are still distressingly common these days, so many of us secure accounts through two-factor authentication (2FA) systems based on SMS or Google Prompt. That's better than nothing, but 2FA codes might not be enough for high-risk individuals. Physical 2FA devices add another layer of security, and Google made available to the general public last year its Titan Security Key Bundle. Initially released with USB-A, NFC, and Bluetooth support, the 2019 edition of Titan has now been updated to support USB-C natively.

Read More
9

Arlo releases new Android app with two-factor authentication support

Arlo spun off from Netgear a while back, but it's been using the same Netgear-signed app the whole time. Starting today, there's a new Arlo app under a new Play Store listing. The updated app looks the same, but it adds an important feature in the form of two-factor authentication.

Read More
15

Android's built-in security key now rolling out to all Android 7.0+ devices

Last month, Google started testing a new way to use Android phones as a two-factor authentication keys. While cloud-based 2FA has been available on Android for years, the new method is hardware-based. The new feature is now rolling out to all Android 7.0+ devices worldwide.

Read More
3

Google will now let G Suite admins disable SMS two-factor authentication

One of the hassles that comes with being a G Suite admin is making sure everything is secure, which can sometimes fall outside of your control. Employees are notoriously one of the weakest links in enterprise security, so it's good to have multiple two-factor authentication methods to cover for weak passwords and the like. One of the more common methods for 2FA is SMS, but due to notable failings in its security, Google is offering admins the option to completely disable it for their domains.

Read More
24

UK bank falls victim to SS7 attacks, allowing cybercriminals to drain accounts and reminding us why SMS two-factor authentication sucks

By now everyone should know that two-factor authentication via SMS is outdated and insecure. But in case anyone needs a reminder, here it is: Metro Bank in the UK was recently the victim of something called SS7 attacks, which basically allow anyone with access to reroute text messages and calls as they please, as well as track the location of a compromised phone. This is far from the first time this has happened, and it seems European banks are more at risk than US banks.

Read More
12

Instagram two-factor authentication app support is now live

Securing your account logins with two-factor authentication (2FA) is a very healthy online habit to get into, but it can be annoying when services decide to only send the codes via SMS. An authentication app isn't only more convenient, it's also safer because regular messages could still be intercepted or forwarded. For a while now, Instagram was one of very few accounts I use that only supported 2FA via SMS, but proper authentication app support was promised recently, and now it appears to be rolling out.

Read More
36

Instagram is finally rolling out support for two-factor authentication apps

With a billion monthly active users and immense cultural influence, it's surprising that Instagram is only now rolling out a fairly standard modern security feature: support for two-factor authentication apps. Still, following the better-late-than-never mentality, the the roughly eight-year-old social platform announced the feature is now rolling out, giving its users a better way to secure their logins. Along with this much-anticipated change come new public info pages about large Instagram accounts, and an easily accessible verification request form.

Read More
112

Android Messages 3.2 adds 2FA code copy shortcuts [APK Download]

Two-factor authentication is a great way to make your accounts more secure, but using SMS messages for the codes is a bit of a hassle: request code, switch apps, copy code, switch apps, paste code (or read and remember the code, but what is this, the 1840s?). Android Messages has a new trick that makes the process a little easier: it now parses 2FA codes from texts and presents the option to copy them with a single tap.

Read More
Mastodon