SECURITY: STUPID secondary identification

Friday, November 7, 2014

http://gizmodo.com/how-hackers-reportedly-side-stepped-gmails-two-factor-a-1653631338

How Hackers Reportedly Side-Stepped Google’s Two-Factor Authentication
Kelsey Campbell-Dollaghan

*** begin quote ***

Writing on Ello, Blakeman describes how hackers gained access to his Instagram account through his Gmail. Even though he had two-factor turned on, the hackers were able to reset his Instagram password through Gmail and take control of his account (which has since been restored). So how did they do it? Blakeman says that Wired’s Mat Honan, himself a veteran of an epic hack, helped him by suggesting he check with his cellphone provider.

It turns out his number had been forwarded to a different number—which is how the hackers gained access:

“The attack actually started with my cell phone provider, which somehow allowed some level of access or social engineering into my Google account, which then allowed the hackers to receive a password reset email from Instagram, giving them control of the account.”

*** end quote ***

I suspect it’s those STUPID secondary identification authenticators!

Once again, if your mother’s maiden name isn’t “R2D2GMAIL” at Google and “R2D2AMAZON” at Amazon, then you are asking to be hacked.

Sorry, but, I use LASTPASS and just keep the secondaries in the notes. 

AND, I never reuse a password anywhere!

YMMV.

# – # – # – # – #   


SERVICE: Yahoo is enforcing two factor authentication

Monday, March 26, 2012

NewImage

 

 

 

 

 

 

 

 

 

 

At least Google lets you opt out. This is my fourth annoyance, since Friday.

Are they TRYING to run off their paying Customers??

AND for some reason, I have to do it twice. (When I don’t even want to do it once!)

And, I pay for this disservice.

Argh!

Have to think of getting off this bunch of bozos.

# – # – # – # – #

TO YAHOO:

Your new two factor authentication STINKS. Today I had to double authenticate twice. It’s the same machine that I used last week when you forced me to take an SMS message. And, the email choice are ALL three dead addresses. Argh! I’m a Technology Profession. Call me if you want to discuss the issues. p.s., SMS is not NECESSARILY free.

# – # – # – # – #


Follow

Get every new post delivered to your Inbox.

Join 1,070 other followers

%d bloggers like this: