I recently came across this Blog on ‘Can I still be hacked with 2FA (2 factor authentication) turned on?’. A friend told me they were concerned after reading the Blog as they thought that using 2FA made them secure. I must say I was a little worried too until I read the Blog for myself…

The key points I got out of the Blog are:

  • Text message based 2FA is probably the least secure
  • Even biometric 2FA can be faked/hacked
  • 2FA is still ‘best practice’

My use of 2FA is (as described in the Blog) TOTP (Time-based One-Time Password) and this is supposed to be one of the best 2FA methods (whew).

Without creating too much hassle, I like the convenience and (apparent) security of:

  • using a device that is biometrically ‘locked to me’
  • passwords that are randomly generated and stored for me in my password manager, and
  • 2FA using an app that generates TOTP

I’m not complacent but I think I am doing the best that I can. I just try to avoid clicking on links in text messages, emails and web sites promising riches, prizes, avoiding prosecution, etc. 👍😂

If you are concerned about being ‘hacked’ then reading this Blog would be of interest to you.
