FORUMS: list search recent posts

2-factor security breakdown

COW Forums : Apple OS X

<< PREVIOUS   •   VIEW ALL   •   PRINT   •   NEXT >>
Robert Withers
2-factor security breakdown
on Sep 2, 2017 at 6:53:48 pm

This is about security in general and not limited to Mac OS.
A friend had some bad luck recently that pointed out the limitations of the standard (New York Times) recommendation for security.
She lost her iPhone so couldn't receive any dual-factor codes for log-ins.
Then her main machine broke down and she couldn't access her password software.
So there was a problem logging into her bank and email provider from another machine.
I guess a bootable clone backup might have helped with the password software issue.
But the 2-factor phone text message system depends on you having your own phone always available.

Robert Withers

Independent/personal/avant-garde cinema, New York City


Return to posts index

John Rofrano
Re: 2-factor security breakdown
on Sep 3, 2017 at 4:26:00 pm
Last Edited By John Rofrano on Sep 3, 2017 at 4:44:22 pm

[Robert Withers] "But the 2-factor phone text message system depends on you having your own phone always available."
Actually most 2-factor schemes allow multiple second factors and you should make sure to enable those options. While the iPhone uses codes as the primary means of identification, usually they have text message option which means simply getting your phone replaced will allow you to receive text messages on your new phone (it doesn't even have to be an iPhone at that point). Some also have a "phone call" option where you can give a land-line (or again your cell phone which will work once you get it replaced) and it will read the code to you which you then type into your browser. Apple ID allows you to add a trusted phone number in addition your iPhone. Had your friend use that option, she wouldn't have been locked out (assuming she had a home phone number that was not her cell). You can read more about it here.

2-factor authentications is a critical security tool to use and you should always take advantage of it. If set up properly, you should always have options available to you for authentication. This case is a rare instance of an iPhone and computer being lost or failing at the same time. Don't let that scare you away from securing your accounts.

~jr

http://www.johnrofrano.com
http://www.vasstsoftware.com



Return to posts index

Robert Withers
Re: 2-factor security breakdown
on Sep 3, 2017 at 7:26:44 pm

Yes, getting a mobile phone replaced immediately is a kind of solution. But not always easy or trivial. We were in traveling in Nova Scotia and it took a week to confirm that the phone was really lost, not misplaced. The available landline was not in the 2-factor system. So indeed, having the 2-factor system depends on having the mobile always available. Or immediately replaced without regard for expense or availability. Or maybe a landline that is always available. The system broke down for us. I won't use 2-factor until there is an option not tied to a mobile or landline. Mobiles can disappear. Landlines don't travel.

Robert Withers

Independent/personal/avant-garde cinema, New York City


Return to posts index


John Rofrano
Re: 2-factor security breakdown
on Sep 3, 2017 at 7:43:13 pm

[Robert Withers] "The system broke down for us. I won't use 2-factor until there is an option not tied to a mobile or landline. Mobiles can disappear. Landlines don't travel."
There already is. You don't need a land-line. My apology if I didn't explain it clearly.

What about a spouses phone? The Trusted Number just needs a number that is trusted. It could be your kids or your cousin, or a neighbor you trust. It's just a phone number that Apple can call to give you your authorization code. This number has absolutely no authority other than to receive an automated phone call from Apple. Surely there is someone you trust to receive this phone call?

BTW, I want to personally thank you. While researching an answer I checked my Apple ID and realized that the only number I had on my account was my cell phone. I added my home phone and Apple called me on my home phone to verify so now if I loose my phone, I can get someone at home to verify for me. Had you not asked this question, I may have found myself in a similar situation although I have my iPhone, iPad Pro, Mac Pro and MacBook Pro registered as devices on my account so the chance of loosing access to all of them it quite slim but it always helps to have one more method. THANKS! :-D

~jr

http://www.johnrofrano.com
http://www.vasstsoftware.com



Return to posts index

<< PREVIOUS   •   VIEW ALL   •   PRINT   •   NEXT >>
© 2017 CreativeCOW.net All Rights Reserved
[TOP]