I am so incredibly annoyed by the stupid "Big Five" #banks in #Canada forcing broken phone or SMS-based #2FA upon everybody. It just plain doesn't work. Let alone the fact that it's insecure compared to standard #TOTP.
I've had at least two different financial institutions try to pull this crap on my parents, and each time, I have to call them to ask to turn off that shite because they're unable to send codes, or the codes they send are always invalid.
🧵4/5
Thursday: Hackers are using OTP bots to get around #SMS and #TOTP authenticator codes. Make the switch to #FIDO U2F for maximum login security tuta.com/blog/2fa-tutanota-sup… 🔐
We recommend U2F as the most secure version of two-factor authentication.Tutanota
PSA: If you're still using #Raivo 2FA on iOS back up your data immediately and do not update to the latest version.
As we suspected would happen when they were acquired last year, the new owners of the app have pivoted to a forced subscription model and updating to the new version will delete all your TOTP codes! discuss.privacyguides.net/t/ps…
We recommend switching to Ente Auth, which can be used completely locally or with @ente's end-to-end encrypted cloud backups.
#TOTP #RaivoOTP #PSA #Ente #EnteAuth
Be careful as you might lose all your keys if you update Raivo to the latest 1.6 version without backing up your keys before when not using an online sync.Privacy Guides
What is your preferred method of #2factorauthentication ? 🔑📱
Tuta offers full support for #U2F & #TOTP to keep your account secure! 🔒
👉 tuta.com/blog/posts/why-u2f-is…
FIDO U2F is important to secure your authentication process. It protects your account from malicious take-over, including phishing. Make sure you never lose access to your online identity!Tutanota
@pink
"Push": Das klingt proprietär und fühlt sich für mich eh etwas gruselig an...
Solange aber ein "#TOTP: Time-Based One-Time Password Algorithm" gemäß #RFC6238 zum Einsatz kommt, sollte man das Verfahren mit jedem passenden Tool bestreiten können. Wozu gibt es offene Standards? 😉
datatracker.ietf.org/doc/html/…
TOTP: Time-Based One-Time Password Algorithm (RFC 6238)datatracker.ietf.org
