Claire Harrison says she's still recovering from losing her identity and tens of thousands of dollars by mobile porting fraud, where scammers port your mobile number to another device.
Of course it’s avoidable! Phone spoofing has been known to be a vulnerability for years, yet so many companies still insist on using SMS for 2FA “for security”. ffs, if you are concerned about security, use a proper TOTP or HOTP, or a hardware token.
Hear, hear! SMD 2FA is absolutely better than not having any 2FA, but it’s still pretty fucking bad. TOTP, or even better FIDO2, should be used as the default standard.
Of course it’s avoidable! Phone spoofing has been known to be a vulnerability for years, yet so many companies still insist on using SMS for 2FA “for security”. ffs, if you are concerned about security, use a proper TOTP or HOTP, or a hardware token.
Hear, hear! SMD 2FA is absolutely better than not having any 2FA, but it’s still pretty fucking bad. TOTP, or even better FIDO2, should be used as the default standard.