Open Tech<p>Google has announced that Gmail will phase out SMS-based two-factor authentication (2FA) in favor of more secure methods. This change aims to enhance user security by reducing vulnerabilities associated with SMS codes, which can be intercepted. Users are encouraged to adopt alternatives like Google Authenticator or security keys for better protection. </p><p><a href="https://mastodon.social/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Google</span></a> <a href="https://mastodon.social/tags/Gmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gmail</span></a> <a href="https://mastodon.social/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/DataProtection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DataProtection</span></a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechNews</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
pawb.fun is one of the many independent Mastodon servers you can use to participate in the fediverse.
This instance aimed at any and all within the furry fandom, though anyone is welcome! We're friendly towards members of the LGBTQ+ community and aiming to offer a safe space for our users.
Administered by:
Server stats:
303active users
pawb.fun: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6+glitch
#twofactorauthentication
0 posts · 0 participants · 0 posts today
Serious Mima<p><span>Why does </span><a href="https://sk.gensokyo.shop/tags/Sharkey" rel="nofollow noopener noreferrer" target="_blank">#Sharkey</a><span> / </span><a href="https://sk.gensokyo.shop/tags/Misskey" rel="nofollow noopener noreferrer" target="_blank">#Misskey</a><span> need an "authenticator app" registered before you can use a hardware key? That doesn't make sense </span><a href="https://sk.gensokyo.shop/tags/security" rel="nofollow noopener noreferrer" target="_blank">#security</a><span> wise.<br><br>Yeah I know it's to prevent people from just accidentally getting locked out of their accounts, but there should be an option for </span><a href="https://sk.gensokyo.shop/tags/FediAdmins" rel="nofollow noopener noreferrer" target="_blank">#FediAdmins</a><span> to allow this risk. </span>🤔<span><br><br></span><a href="https://sk.gensokyo.shop/tags/2FA" rel="nofollow noopener noreferrer" target="_blank">#2FA</a><span> </span><a href="https://sk.gensokyo.shop/tags/yubikey" rel="nofollow noopener noreferrer" target="_blank">#yubikey</a><span> </span><a href="https://sk.gensokyo.shop/tags/hardwarekey" rel="nofollow noopener noreferrer" target="_blank">#hardwarekey</a><span> </span><a href="https://sk.gensokyo.shop/tags/cybersecurity" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a><span> </span><a href="https://sk.gensokyo.shop/tags/twofactor" rel="nofollow noopener noreferrer" target="_blank">#twofactor</a><span> </span><a href="https://sk.gensokyo.shop/tags/twofactorauth" rel="nofollow noopener noreferrer" target="_blank">#twofactorauth</a><span> </span><a href="https://sk.gensokyo.shop/tags/twofactorauthentication" rel="nofollow noopener noreferrer" target="_blank">#twofactorauthentication</a></p>
Mark A. ⏏️ {FalconMarkSix}<p>I don't think I've ever seen this before. Good job sending these Mastodon! :ablobfoxbongo:</p><p>BTW it was me, I entered the wrong code. :blobfoxlaughsweat:</p><p><a href="https://tech.lgbt/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a> <a href="https://tech.lgbt/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://tech.lgbt/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://tech.lgbt/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://tech.lgbt/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p>
spinlock :nonbinary_flag:<p>I love the SoloKey V2 limited edition with the purple glitter!</p><p><a href="https://chaos.social/tags/SoloKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoloKey</span></a> <a href="https://chaos.social/tags/SoloKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoloKeys</span></a> <a href="https://chaos.social/tags/SoloKeyV2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoloKeyV2</span></a> <a href="https://chaos.social/tags/glitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>glitter</span></a> <a href="https://chaos.social/tags/resin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>resin</span></a> <a href="https://chaos.social/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido</span></a> <a href="https://chaos.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://chaos.social/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebAuthn</span></a> <a href="https://chaos.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://chaos.social/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a> <a href="https://chaos.social/tags/GiveMeAllTheHashtags" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GiveMeAllTheHashtags</span></a> <span class="h-card"><a href="https://mas.to/@solokeys" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>solokeys</span></a></span></p>
Gaute Holmin ⚡<p>Finally <span class="h-card"><a href="https://social.vivaldi.net/@Vivaldi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Vivaldi</span></a></span> has enabled <a href="https://social.vivaldi.net/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a>, and as usual they have done so in the best possible way:</p><p>- A good explanation<br>- User friendly<br>-Encouraging multiple verification methods.</p><p>Way to go 👍</p>
Yohan Yukiya Sese Cuneta 사요한🦣<p>I hate <a href="https://c.im/tags/Instagram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Instagram</span></a>, their developers, and their agents.</p><p>(status: trying to prevent a meltdown)</p><p>Context and details.<br>1. I seldom (rarely even) use my Instagram account. I log in when I have something to share. I don't even go on a 'liking' spree, and I only leave comments when there's something to say.</p><p>2. I don't even follow accounts here and there. I only followed accounts that I'm a fan of, or I am interested with their content.</p><p>3. I have <a href="https://c.im/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a></p><p>4. I have a postpaid mobile number attached</p><p>5. My email, using my own domain name, is the one attached to it</p><p>6. I provided my real name in the account section, just exactly for verification purposes if needed (if they ask for an ID or something).</p><p>7. I did not upload any “re-upload”/“re-share” content.</p><p>See my <a href="https://c.im/tags/Pixelfed" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pixelfed</span></a> account: <a href="https://pixelfed.social/i/web/profile/350686112577015419" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">pixelfed.social/i/web/profile/</span><span class="invisible">350686112577015419</span></a> That's practically the same content as I have in my Instagram account.</p><p>YET, they started to ask me for <a href="https://c.im/tags/selfie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfie</span></a> <a href="https://c.im/tags/verification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>verification</span></a> since February 2023.</p><p>I complied.</p><p>* The first selfie verification, they approved it. But did not inform me, no email whatsoever.</p><p>* The second selfie verification, they approved it and sent an email apologising that it was a mistake. (See attached screenshots.)</p><p>* The third time, the current one, was last week. They did not approve it. No email whatsoever. I can no longer login to my account.</p><p>I complied with their selfie verifications even though I am very uncomfortable with it. I am <a href="https://c.im/tags/Autistic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Autistic</span></a>, and I hate these types of verifications (selfie, video), but I complied.</p><p>And this is what I get in the end?</p><p>What is the use of <a href="https://c.im/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> if they are not going to use it?</p><p>I can not help but conclude that <a href="https://c.im/tags/Meta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meta</span></a> and <a href="https://c.im/tags/Instagram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Instagram</span></a> is anti- <a href="https://c.im/tags/autism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>autism</span></a>. I am <a href="https://c.im/tags/OpenlyAutistic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenlyAutistic</span></a> in my online accounts, and I do feel targeted in this situation.</p><p>Currently, for the nth time, I am doing my best not to have a <a href="https://c.im/tags/meltdown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>meltdown</span></a> just because of this.</p><p>My last attempt is this thread over <a href="https://c.im/tags/Twitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Twitter</span></a>: <a href="https://twitter.com/YourOnlyONEofcl/status/1637050270235643905" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">twitter.com/YourOnlyONEofcl/st</span><span class="invisible">atus/1637050270235643905</span></a> If you want to help, and I do need the help, please reply and tag Meta and Instagram. Maybe even worth tagging <a href="https://c.im/tags/Facebook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Facebook</span></a> as well.</p><p><a href="https://c.im/tags/ActuallyAutistic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActuallyAutistic</span></a> <a href="https://c.im/tags/ActuallyAutistics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActuallyAutistics</span></a> <a href="https://c.im/tags/Autistics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Autistics</span></a> <a href="https://c.im/tags/AutismSpectrum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AutismSpectrum</span></a> <a href="https://c.im/tags/Discrimination" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Discrimination</span></a> <a href="https://c.im/tags/UnrealiableSystem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UnrealiableSystem</span></a> <a href="https://c.im/tags/BrokenProcess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BrokenProcess</span></a> </p><p><span class="h-card"><a href="https://a.gup.pe/u/neurodivergence" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>neurodivergence</span></a></span> </p><p><span class="h-card"><a href="https://a.gup.pe/u/actuallyautistic" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>actuallyautistic</span></a></span></p>
tkteo<p>1/n At the time of typing this, the most recent post on <a href="https://infosec.exchange/tags/lastpass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lastpass</span></a> blog is still 22 December 2022 "Notice of Recent Security Incident", containing the criticized " it would take millions of years to guess your master password using generally-available password-cracking technology" claim.</p><p>What is ironic is the post that is marked as "What's Trending", which is "How to choose a <a href="https://infosec.exchange/tags/Password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Password</span></a> Manager", posted 21 March 2021. Who knows, maybe Lastpass' customers have been flocking to the blog and trending this post upwards?</p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/passwordmananger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordmananger</span></a> <a href="https://infosec.exchange/tags/passwordmanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordmanagement</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/databreaches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreaches</span></a> <a href="https://infosec.exchange/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://infosec.exchange/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a> <a href="https://infosec.exchange/tags/twofactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauthentication</span></a> <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a></p>
Vivian (she/her/ia) :heart_bi:<p>This is a blog on <a href="https://mastodon.nz/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://mastodon.nz/tags/twofactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauthentication</span></a> <a href="https://mastodon.nz/tags/TwoFactorWebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorWebAuthn</span></a> <a href="https://mastodon.nz/tags/twofactorauth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauth</span></a></p>
Marcus "MajorLinux" Summers<p>See!</p><p>This is why SMS-based 2FA is the worst kind of 2FA!</p><p>Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica <a href="https://arstechnica.com/information-technology/2022/11/google-boots-play-app-that-surreptitiously-sent-texts-to-developers-server/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/information-te</span><span class="invisible">chnology/2022/11/google-boots-play-app-that-surreptitiously-sent-texts-to-developers-server/</span></a></p><p><a href="https://toot.majorshouse.com/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GooglePlay</span></a> <a href="https://toot.majorshouse.com/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> <a href="https://toot.majorshouse.com/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMS</span></a> <a href="https://toot.majorshouse.com/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p>
Morten<p>With it being <a href="https://infosec.exchange/tags/BlackFriday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlackFriday</span></a> and all, I hope nobody is caught up in scams or phishing attacks while doing their (frantic!) online <a href="https://infosec.exchange/tags/shopping" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shopping</span></a>.</p><p>Here are a few <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> and <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> tips that I hope will help somebody:</p><p>1) If you have a coupon code, don't follow a provided link to the shopping page. Instead find the page yourself, e.g., via a <a href="https://infosec.exchange/tags/searchengine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>searchengine</span></a>, and then input the coupon code manually.</p><p>2) Access online shops without being logged in, and without any <a href="https://infosec.exchange/tags/cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookies</span></a>, such that the shop cannot set prices according to <a href="https://infosec.exchange/tags/personaldata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personaldata</span></a> or previous purchases (yes, they do that). Except, of course, if the discount is only available when actually having an account. Attempt anonymously first.</p><p>3) An improvement to 2) is accessing online shops via <a href="https://infosec.exchange/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> or similar. </p><p>4) Use a <a href="https://infosec.exchange/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> such that <a href="https://infosec.exchange/tags/ISPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISPs</span></a> and other adversaries cannot obtain or spoof information. It also protects your data, like credit card info, if you are using public a <a href="https://infosec.exchange/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WiFi</span></a> (never do that without VPN).</p><p>5) As corollary to 4) you can even sometimes get discounts by using a different location than your own.</p><p>6) Use a <a href="https://infosec.exchange/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordmanager</span></a> for your credentials such that they can be longer and harder to guess/crack. This also means you don't have to remember (or even know) them by heart.</p><p>7) Setup <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> for your accounts such that, together with 6), it is harder for adversaries to break in and steal data and/or make automated purchases on your behalf if possible. It is highly advisable using an authenticator app instead of code-by-SMS. For further protection, you can even use <a href="https://infosec.exchange/tags/biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biometrics</span></a>, like <a href="https://infosec.exchange/tags/fingerprints" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fingerprints</span></a> or facial scans. And/or a hardware device supporting <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a>/#U2F or similar.</p><p>Note that these tips are applicable also when not shopping, and I would encourage them all.</p><p>Stay safe and have an awesome Friday!</p><p><a href="https://infosec.exchange/tags/mastodontips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodontips</span></a> <a href="https://infosec.exchange/tags/feditips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>feditips</span></a> <a href="https://infosec.exchange/tags/profiling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>profiling</span></a> <a href="https://infosec.exchange/tags/personalidentifyinginformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personalidentifyinginformation</span></a> <a href="https://infosec.exchange/tags/pii" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pii</span></a> <a href="https://infosec.exchange/tags/internetserviceproviders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>internetserviceproviders</span></a> <a href="https://infosec.exchange/tags/tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tor</span></a> <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://infosec.exchange/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://infosec.exchange/tags/twofactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauthentication</span></a> <a href="https://infosec.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload