Discussion in 'Technical' started by sec_monkey, Feb 6, 2015.
Here's Why Your Bank Account Is Less Secure Than Your Gmail
I have started using Password Box after a recent hacking incident. It is easy and free. I have the most important usernames and passwords in there. Who knows that will probably be hacked soon also.
I don't really understand why banks won't implement 2FA (Two Factor Authentication) unless bank security is mandated by regulators so they only do the minimum to meet the requirement.
In my list of online logins, my banks are the least secure.
Even bank website security is terrible:
Plug your banks url in here and see: Qualys SSL Labs - Projects / SSL Server Test
Then try SM Qualys SSL Labs - Projects / SSL Server Test / survivalmonkey.com
One bank was A-, other two are B's. You would think one of the B's would tighten things up especially since they were already hacked.
My bank has a 3 step system, kinda. First i login with my password, then i have to input 2 digits of a 6 digit key via onscreen keyboard and then for every transaction i get a transaction code via text message
Not in the US. SMS option would be fantastic.
We use Google Authenticator or Yubikey here at SM https://www.survivalmonkey.com/account/two-factor
No SMS option yet although we'd add it if it were feasible
February 3, 2016|Olivier Sicco
OTP vs. U2F: Strong To Stronger
At Yubico, we are often asked why we are so dedicated to bringing the FIDO U2F...
[ATTACH] Two-step verification increases the security of your account by requiring you to provide an additional code to complete the login...
Google Online Security Blog: New research: Comparing how security experts and non-experts stay safe online
How I Lost My $50,000 Twitter Username
Some of the below is out of date abut has been preserved for background on 2FA in general. The current SM 2FA features are available here:...
Separate names with a comma.