185

FBI Warns Americans to Start Using Encrypted Messaging Apps (gizmodo.com)

submitted 2 weeks ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

53 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] atzanteol@sh.itjust.works 58 points 1 week ago

That's great when my bank only uses sms for mfa though.

Seriously, bank and credit card companies need to get with the program more than me and my friends.

[-] captain_aggravated@sh.itjust.works 10 points 1 week ago

Steam. The store front I get my video games from. Has 2-factor authentication with a short time rotating code. To secure my Steam account.

My bank uses SMS and "security questions" aka personal trivia questions.

[-] Eezyville@sh.itjust.works 2 points 1 week ago

Easy to guess with some social engineering

[-] Draconic_NEO@sh.itjust.works 3 points 1 week ago

Or literally anyone who knows you. It's based on the idea that strangers are the ones who will try to screw you over but everyone knows that it's people who you know that end up screwing you over in most cases. So security questions are basically useless in all those cases.

[-] toynbee@lemmy.world 3 points 1 week ago

While I agree with you, some people answer these questions with deliberately incorrect answers. If my closest friend tried to compromise my bank account with my security questions, he'd get them all wrong (and even he doesn't know my wrong answers).

Still a bad design, though.

[-] Chais@sh.itjust.works 9 points 1 week ago

Right? Had a bank account once, where the login password could only have up to 8 characters. And only digits.

[-] MTK@lemmy.world 9 points 1 week ago

Lucky, mine is 6 (yes, right now in 2024)

[-] Chais@sh.itjust.works 5 points 1 week ago

I just checked my KeePass and turns out I still have the entry in the recycle bin.
It was 5 digits. Admittedly, that was "back in 2012," but still. For shame, Bank Austria!

[-] xapr@lemmy.sdf.org 3 points 1 week ago

Swiss (Cheese) Bank?

[-] sugar_in_your_tea@sh.itjust.works 2 points 1 week ago

That's a huge part of why I use my brokerage, Fidelity, as my main bank, they support Symantec VIP TOTP. I prefer my regular TOTP solution, but this us miles ahead of literally every other bank I've used.

[-] Eezyville@sh.itjust.works 2 points 1 week ago

The only bank that allowed me to use totp was a credit union. You'd think the rich ass banks could afford to hire a developer to set up good MFA.

[-] sugar_in_your_tea@sh.itjust.works 1 points 1 week ago

Yeah, and just for a few months. TOTP really isn't that complicated...

[-] Evotech@lemmy.world 1 points 1 week ago

That's wild

this post was submitted on 05 Dec 2024

185 points (97.9% liked)

Cybersecurity

5834 readers

196 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social