Crypto Tips: How 2FA Can Fail & What You Can Do About It

  • Monday, 10 June 2019 13:46
For exclusive travel vlogs and early access to content check out my Patreon account here: https://www.patreon.com/cryptotips Earn BAT and Help support Crypto Tips by joining Brave Rewards: https://brave.com/cry258 Find me on Steemit: www.steemit.com/@heiditravels Twitter: @blockchainchick Instagram: @hheidiann Bit.tube: RealCryptoTips Get that BRAVE Browser! : https://brave.com/cry258 Check out the new hardware wallet Ellipal HERE: https://order.ellipal.com/?ref=5c08236b8e68e Thinking about purchasing a Ledger Nano Hardware Wallet? Browse their official website: https://www.ledgerwallet.com/r/67ef Want to join coinbase to begin your crypto journey? Here’s a link to get free $10: https://www.coinbase.com/join/558828d LINKS FOR ADDITIONAL READING FOR THIS VIDEO & ALL INFO IN TEXT DOWN BELOW: Hackers Overcoming 2FA: https://www.csoonline.com/article/3399858/phishing-attacks-that-bypass-2-factor-authentication-are-now-easier-to-execute.html Types of Phishing Attempts: https://blog.malwarebytes.com/101/2017/06/somethings-phishy-how-to-detect-phishing-attempts/ How to Avoid Phishing Attacks: https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/ Digi-ID: https://www.digi-id.io/index.html Hydro Raindrop: https://projecthydro.org/raindrop-phase/ Using an additional security layer like 2FA, or 2 factor authentication is something that I’ve been recommending since the start of this channel nearly 3 years ago. For those who may not know what 2FA is or why it would be recommended, here is a brief review:If you use websites that require you to log in, and if your account there involves sensitive information like your bank details, create card details, or cryptocurrency wallets, simply using an email and password to protect that information is not the best line of defense. Reason being that typically people use the same passwords over and over again for multiple site, and often times these passwords can be easy to guess. There is also a threat of phishing attacks, but I’ll get into that later on in this video. 2FA is an additional layer of security that comes in the form of an app that you can download on your phone, the most popular being Google’s Authenticator App and the Authy App. Both are free and relatively easy to set up. These apps create 4 digit codes which reset every 15 seconds or so. If you enable 2FA on a website that allows it, when you log in, you’ll then have to reference the code provided by the 2FA app. This means that unless a hacker is in control of your phone at the time of your logging in they can’t gain access to your information. Or at least that used to be the case. There was an article which I tweeted about last week that shows how 2FA isn’t as infallible as we’d all hoped. In fact, not only has it been possible to circumvent for a while, now it’s becoming easier to do. I will provide a link to this article down below in the description so that you can dig into it yourself and hopefully learn something new about internet security in the process. The key take away here is that the hackers are still relying on their potential victims to fall for their phishing attempts, to click on their fateful links that ultimately opens your digital door for them to step inside, poke around and steal everything that they can. I can’t make a video about this topic without including how to avoid phishing attempts. Often times they present as emails that scare you into action. Something has suddenly gone wrong, your information is at risk and you need to click a link or respond with your login information like passwords or phone numbers. Often times they are fake websites with URLs that look NEARLY identical to the real thing, but are slightly misspelled or they have the wrong ending like .co instead of .com. You proceed to log in with your information and you’ve given it all right over to the hacker. That is the crux of this problem, the phishing attempts. If you never fall for them, you won’t be a victim of them. If you’d like additional peace of mind, there are other, new options that leverage the strength of blockchain technology in your favor to secure your information and enable you to verify your identity often in ways that are easier than traditional log in requirements. If you’re interested, check out DigiID, provided by the Digibyte platform. There is also Hydro platform’s application called raindrop. Both of these are new, meaning there aren’t many websites that have implemented them. But they exist, and there’s certainly a need for more options like this to crop up in the future so keep an eye out for them!

Additional Info

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Disclaimer: As a news and information platform, also aggregate headlines from other sites, and republish small text snippets and images. We always link to original content on other sites, and thus follow a 'Fair Use' policy. For further content, we take great care to only publish original material, but since part of the content is user generated, we cannot guarantee this 100%. If you believe we violate this policy in any particular case, please contact us and we'll take appropriate action immediately.

Our main goal is to make crypto grow by making news and information more accessible for the masses.