ᴄʏʙᴇʀɢᴜʏ 👽 on Nostr: Sms is vulnerable, because IMSI catcher, a MITM hacking technique. The authenticators ...
Sms is vulnerable, because IMSI catcher, a MITM hacking technique. The authenticators are better. It is worth to use FOSS app. On Android it is e.g. andOTP or Aegis if you want to use Google Authenticator compatible app.
2FA can contain 2 of 3 different kind of auth. Based on:
- knowledge (e.g. sms or authenticator)
- possession (e.g. mobile phone)
- inherence (e.g. fingerprint)
So you have to chose 2 different. But some authenticator accept fingerprint instead of numbers provided
Published at
2023-07-18 19:56:21Event JSON
{
"id": "745daa7c0d74cbfecb83fe8404011a525d65ad905d650f48789a4be66fcbaed4",
"pubkey": "92860cc18c592cbc10ddb1afc33a953445bad52368df7d046143768f74bb6c4a",
"created_at": 1689710181,
"kind": 1,
"tags": [
[
"e",
"e48a9c9cd3f174a7321436fcde20c592fcfa80d17fb377a8eab16fd43a6ffced",
"",
"root"
],
[
"e",
"38c19b02ffacec3c400443b315115602142f8d549f1bd6bd0a5d659d4cc2d774",
"",
"reply"
],
[
"p",
"92860cc18c592cbc10ddb1afc33a953445bad52368df7d046143768f74bb6c4a"
],
[
"p",
"e3c874f1247ff62d6e27ca4448078133f6677ba24862cce20e41f2c9ed520fcc"
]
],
"content": "Sms is vulnerable, because IMSI catcher, a MITM hacking technique. The authenticators are better. It is worth to use FOSS app. On Android it is e.g. andOTP or Aegis if you want to use Google Authenticator compatible app.\n\n2FA can contain 2 of 3 different kind of auth. Based on:\n- knowledge (e.g. sms or authenticator)\n- possession (e.g. mobile phone)\n- inherence (e.g. fingerprint)\nSo you have to chose 2 different. But some authenticator accept fingerprint instead of numbers provided\n",
"sig": "47270c630de11ed6bbe4381be48abe19ca91d281b37017972af6956bc52765542d6d900421b0c0921ab2046b23c06beefc832c5711658b2d2e9f7957dc0b7290"
}
