

Is there a practical way, when a website supports two-factor authentication (other than by SMS message), to have this set up for accounts in a shared vault? For example, we have 1 Bank of America (BofA) account that we share, with access to our checking, savings and credit card accounts, that is in a shared vault that we both have access to. BofA supports USB Security Keys that support FIDO. Conceptually, can we each have two or more USB keys (e.g. a YubiKey 5C Nano for our laptops and a YubiKey 5C NFC for our cell phones and other devices) that all provide TFA for this account? Conversely, we both have separate accounts to various medical websites (e.g. These separate accounts are in separate shared vaults that we again both have access to (for emergencies, billing etc.).

So far as I can tell, just like the banks, the carriers don’t actually care about you - just look at the constant stream of hacks and basic failure to meet even elementary security standards. We’re all just a source of revenue in exchange for overpriced data sitting in columns on a quarterly financial report. The carriers can and will hand your number off to anyone with the savvy to call in, Google your name, and attempt an even half-hearted imitation. Metaphorically, your phone number is basically as safe as your wallet, and you can be robbed, pickpocketed, and burgled. Just as you probably wouldn’t feel safe carrying around thousands of dollars in cash all the time, don’t trust your phone number as the last line of security for anything high-value like an important online account.

A hardware 2FA security key is convenient - you don’t have anything extra to remember and it’s just like carrying around your house key. If it’s stolen, someone can’t just magically get into your account. They need your other credentials as well, and it serves as a final, difficult-to-duplicate barrier. Even if your username and password end up in a malicious actor’s hands, they can’t get in without that jangling dongle in your pocket.

I personally recommend the YubiKey 5C or YubiKey 5C NFC, but you should choose based on what devices you use. If you’ve got older computers, something with USB Type-A could be important, and if you have an iPhone, the YubiKey 5Ci with its Lightning connector might be necessary.
