You shouldn't use your phone number for 2-factor authentication

what if i eject the sim card to my old phone and place it to the new phone what will happen?

I know how

Why don't they just use another email address, With a PW, and 2FA. Even if hackers get in your Cellphone, they still need to know 2 sets of Email PW's, to get to the Sent Codes, or Links. And you Don't need YOUR Cellphone to login to an Email account.

What about Backup codes?

I got mine account retrieve without no delay thanks @mizertech9 on instagram you did prefect one

I got mine account retrieve without no delay thanks @mizertech9 on instagram you did prefect one

Thanks to this software hacker that helped me to recover my disabled account in few Time @mccarroll6222 on ig or mccarroll62 on Snapchat

Lol i have to activate my simcard with my fingerprint when purchasing one

But if they had all that information on me, they could just hit account recovery instead..😂

That's a long hacking process. Just keep using your 2FA

Black live matter bcos they want to loot during black Friday

i dont even want this bs on my google account. cant even remove it

Pretty much we’re screwed now that the hackers have all put personal data anyway. They can just pretend to be us and reset the password. Doesn’t really matter what you do now.

What happend to deray was an isolated case

10 years later.... You should use your phone for 2-factor authentication

video is dumb. 2fa is still FAR better than just using a password. yeah, someone can spoof your phone number, but that's only an option if they already have your initial password. *eye roll*... stop spreading information to make people less safe. security is not a joke or game.

dumb video

hacker only hack something important and has value for them

So I guess you made this video just because no one else did?

i thought this vid was going to be using your phone while doing number 2s.

Well i always change sim 😂

In India for number porting to another service provider you have to give unique port code which would be sent to the phone. so porting cannot be done without access to the phone itself.

in some stupid countries this is true but in europe you have to go in person with ID to get new sim. yes ID can be forged too but it is a bit more complicated than giving some data over phone.

They can still do it even if you never did the two step verification in the first place though

but those thing save my google account... the provider should be the one responsible for protecting our data.. though...

This is liberal propogenda

Just basing on the video, it seems then that the weakest link is not your phone - it's your service provider. While it'd be nice to choose what type authentication to use, consumers/users don't make that decision. Still some very good take aways.

So basically nothing is safe nowadays

In India, SIM card purchases require biometric confirmation using fingerprint. Also you need to generate a port code by sending an SMS from your device before being able to port out to another carrier. This requires physical access to the phone.

rip my steam account

Please dont't forget that your username and password are stored in a database and could be leaked, too. Just don't use any passwords at all...

I think im just gonna keep using my phone, I'm to cheap to get the yubikey thing.....

This actually happened in the Philippines. Globe Telecom user got his phone number sim-swapped, and then his banking accounts were seized.

Lots of services will allow you to use your phone number authentication + plus a security question or more rarely just the phone number auth alone to reset your password. It is basic Social Engineering. In some circumstances it's as easy as calling the service provider, giving basic information you can find about someone on Facebook for example, and asking them to mail a replacement sim to your address.

Why should I worry? I'm not high profile nor do I have important credentials on my accounts.

sounds like it's the service provider that's the weak link, not my phone.

*cough* social engineering *cough*

Basically its yubi key ad

Name of the music.

While is not perfect, the attack vector described in the video is only for targeted victims. You must be a person of interest before the hacker go through the trouble of porting your number over. If they are just taking over accounts at large scale they will just move on to the next victim.

Statistics show mostly black people get hacked because their password is usually "password"

Fack the music is annoying AF. I had to mute this shit! 🤦🏻‍♂️

Speak!

y'all are thinking too hard

Im not that important person .. so no one gonna hack mine lol

Something that would fix this would be for phone providers to change their policy where if you want to change your number to a new sim card you have to hang up and let them call that number you want to change back in order to varify that you are who you are.

I AM GLAD HE WAS HACKED