You are viewing a single comment's thread from:

RE: 2 Factor Authentication - Is It Enough?

in #security7 years ago

I always thought there should be an extra factor for resetting password, like a delay period while website attempts to notify the user via all provided contact information.
the delayed withdraw process in steemit seems to do that.
Thanks for the useful data, I had no idea 2FA can be hacked that easy and used as a weak point at the seam time.

Sort:  

I think one of the issues is that the websites need to strike a balance between those of us who are just plain forgetful, providing fast and convenient services while also providing security. I think there are services that are multiple-authentication that go a bit further that are available as well.

Great point on the delayed withdrawal or the Steemit powerdown. At first a lot of people think this is inconvenient but soon realize that it makes your Steem Wallet much more secure in the event someone attempts to steal your funds.

True, True, 👍 in most cases, those get hacked that are not careful with their security. they must learn from crypro currency community hot to do it.