April 5, 2021

The Gadget Gurus – We do not have any prerequisites. Just come, ask questions about previous topics. I will also review the current tech news. We will do our best to answer questions concerning computers, smartphones, apps, cameras, tablets, the internet, and more. Bring your tech issues and enjoy the meeting.

Question: SMS and other vulnerabilities

Hi Glenn,

Do you think that removing a phone number as a backup for email account registration is advisable?

Can We Stop Pretending SMS Is Secure Now? by Krebs on Security

Separate question:

For Authy to work, does the merchant have to authorize or agree to its use expressly? For instance, would a bank have to agree to work with Authy? –Jay B.

Quoted from the article:

“My advice has long been to remove phone numbers from your online accounts wherever you can and avoid selecting SMS or phone calls for second factor or one-time codes. Phone numbers were never designed to be identity documents, but that’s what they’ve become. It’s time we stopped letting everyone treat them that way.

Any online accounts that you value should be secured with a unique and strong password, as well as the most robust form of multi-factor authentication available. Usually, this is a mobile app like Authy or Google Authenticator that generates a one-time code. Some sites like Gmail, Twitter, and Facebook now support even more robust options — such as physical security keys.”

It would be best to use a Time-Based Authentication (TBA) app like Google Authenticator or Authy, not SMS, whenever possible. 

The website must provide for TBA in order for you to use it. If a merchant or service provider does not allow for an alternative to SMS or phone call authentication, it might be a good idea to find another option if possible. Vote with your feet.

Two-Factor Authentication: Who Has It and How to Set It Up by – Don’t let scammers get their hands on your sensitive information. Here’s how to secure your online accounts—from Amazon and Google to Twitter and WhatsApp—with two-factor authentication (2FA).

As for completely removing all phone numbers, remember that you might be locked out of the account forever if you lose your login info. It is imperative never to lose track of your passwords and 2FA credentials.

