
Sim Swap Attacks are a Thing? Man Loses Life Savings.

People want convenience over security. Oh, they'll say that security is #1 concern, but when that comes at an inconvenient cost then they bitch. Can't have it both ways.
 
I wouldn't and I work for one of the evil bastards. And I use VPN on my cell phone, but I keep nothing on it except the occasional candid photo and honey do list.
 
I wouldn't and I work for one of the evil bastards. And I use VPN on my cell phone, but I keep nothing on it except the occasional candid photo and honey do list.
I'm paranoid when I have to use hotel wifi to log into my financial accounts. Which is why I don't do it unless it's absolutely necessary. I have VPN but don't even trust it for that. But I have zero problem logging in using my cellphone signal.
 
I'm not going to watch the video because it's Mai72 linked video. But I do worry what would happen if I happened to lose my phone while I was overseas. I don't think I can log into one of my brokerage accounts on my laptop without my phone.

Do they support 2FA that isn't SMS, like email? 2FA software? Or security key?
 
2FA for this one brokerage I use isn't SMS. It's software app.

https://ibkr.info/article/2879

But they claim they can get me back up and running quickly even if I do lose my phone.

There's quite a bit to go thru there, knowledge articles etc... Looks good tho, I'm not sure exactly how easy it would be to recover from a lost phone. With the apple phone, I'd be a bit more worried about someone accessing the phone thru that unpatchable security flaw.
 
Check out authy for 2FA. I have authy running on my phone, and my pc, sync'd. If my phone implodes, I can reinstall it later and recover authy back onto it. the passcodes to unlock authy are safely stored in a password manager, all of them are 20+ characters, randomly generated

Also, you're not screwed totally. You just have to keep track of your recovery methods for each website. The big players typically generate a one time passcode list, save it, and upload it as a text file to the password manager.

Edit: there are security tokens you can buy. Google makes one called titan. Usb for the PC's, BT for the phone.

IMO, more sites, especially telcos, need to add support for 2FA software. Both ATT and Comcast don't have it

You can't just "check out" a specific app though. If the site uses authy then you use authy, if it uses google then I need to use google, if they use their own app then I need to use their app etc. That's the problem with the way it is right now everyone does their own thing. And either way you're still forced to use a phone app. Would be nice to be able to use something that works on a desktop or on multiple devices, so it can be more easily backed up, and it's less of a black box. Some sites have multiple options but not all. I used to just use SMS as I feel that's the most universal and less prone to issues if something happens to my phone, but hearing all these horror stories just has me stick to single factor and really strong passwords as that seems to be more secure than SMS.

Heck, email would be nice too, I think I saw a few sites use that. Maybe that would be more secure than SMS as well.
 
Trust your cell phone with banking? LOLOLOLOLOLOLOL I've got a couple of bridges for sale out in the Mojave.

Yeah that's a good point too I would never do anything critical like banking on my phone. Phones are insecure by design, they are designed to make it easy for everyone to spy on you. I tend to limit the amount of apps I install or things I do on it. Yeah you get spied on the desktop too, Google, FB etc pretty much knows every site you visit including your banking site and even your balance, but I don't know, I just feel safer doing that stuff on desktop anyway.
 
I would NEVER use my phone or regular PC/Mac to do ANYTHING financial. I cringe when I see people do that.

I have an iMac that is the only computer I use to access my brokerage accounts. I use it for nothing else. All of my accounts have an IOS-generated password that is only on that iMac (I write it down just in case, of course).

at some point i realized drunk me has full access* to all of sober me's financial accounts and it doesn't even require drunk me typing my very long phrase of a password into a tiny phone screen keyboard.

worse, anyone around very drunk/passed out me has full access to all of sober me's financial accounts.

*not quite true, the company retirement account is through ameriprise which doesn't trade from the app so a thief might not be able to get anything useful from that app.
 
You can't just "check out" a specific app though. If the site uses authy then you use authy, if it uses google then I need to use google, if they use their own app then I need to use their app etc. That's the problem with the way it is right now everyone does their own thing. And either way you're still forced to use a phone app. Would be nice to be able to use something that works on a desktop or on multiple devices, so it can be more easily backed up, and it's less of a black box. Some sites have multiple options but not all. I used to just use SMS as I feel that's the most universal and less prone to issues if something happens to my phone, but hearing all these horror stories just has me stick to single factor and really strong passwords as that seems to be more secure than SMS.

Heck, email would be nice too, I think I saw a few sites use that. Maybe that would be more secure than SMS as well.

Not entirely accurate. Sites don't care if you use authy or Google IMXP. I use authy for my Gmail accounts no problem. When you set up 2FA, and it presents the QR code, just add the account with authy instead.

SMS is definitely the least secure 2FA method, and sites should offer something, even if it's email.
 
Not entirely accurate. Sites don't care if you use authy or Google IMXP. I use authy for my Gmail accounts no problem. When you set up 2FA, and it presents the QR code, just add the account with authy instead.

Wait, you can do that? I figured you had to use whatever app it tells you to use. So you can have just one app for everything? How does the app know how to interface with that site and vice versa? Is there an app that supports working on a desktop? I imagine you would want to get a barcode reader for the desktop but it's not a big deal I think most of them support QR codes and just act as a keyboard?
 
Wait, you can do that? I figured you had to use whatever app it tells you to use. So you can have just one app for everything? How does the app know how to interface with that site and vice versa? Is there an app that supports working on a desktop? I imagine you would want to get a barcode reader for the desktop but it's not a big deal I think most of them support QR codes and just act as a keyboard?

Not trying to sound like a fan boy, but Authy has a PC version that can sync with other devices, mac / win / linux version. I have Authy on my Win10x64, and sync'd with two android phones.

Add the accounts with the phone, built in barcode reader

How to use multiple devices:

My Authy passcodes (just for Authy itself) are stored in my Safe in Cloud password manager: encrypted backup, windows master password, 20+ character random passwords

Most of the accounts that support 2FA like this will also generate a list of recovery passcodes, I save those to .txt's and then upload them into Safe in Cloud just in case I ever need them.

edit: I moved from Google authenticate because it doesn't support these same features. I had the same questions as yourself: what do i do if my phone is lost/stolen/implodes, so pinged my RL bro who said go with authy, after about 30 minutes of reading, it was clearly a better choice. The painstaking part was disabling / enabling 2FA on all those accounts so i could add them to Authy. Took me about a week to do them all.
 
Does FDIC protect against any of these things?

I guess it's a good thing that I don't keep all my money in one place, and have it randomly invested in different Savings, CDs, and investment accounts across a handful of different platforms.
 
Not trying to sound like a fan boy, but Authy has a PC version that can sync with other devices, mac / win / linux version. I have Authy on my Win10x64, and sync'd with two android phones.

Add the accounts with the phone, built in barcode reader

How to use multiple devices:

My Authy passcodes (just for Authy itself) are stored in my Safe in Cloud password manager: encrypted backup, windows master password, 20+ character random passwords

Most of the accounts that support 2FA like this will also generate a list of recovery passcodes, I save those to .txt's and then upload them into Safe in Cloud just in case I ever need them.

edit: I moved from Google authenticate because it doesn't support these same features. I had the same questions as yourself: what do i do if my phone is lost/stolen/implodes, so pinged my RL bro who said go with authy, after about 30 minutes of reading, it was clearly a better choice. The painstaking part was disabling / enabling 2FA on all those accounts so i could add them to Authy. Took me about a week to do them all.


That's good to know. I honestly did not figure you could use the app you want so thought you were stuck using whatever app they tell you to when you go to sign up. I will definitely check out authy then and look at converting stuff to two factor. I never bothered before as I just did not like the idea of being locked out of everything if something happens to my phone. Don't like the idea of cloud though, but that's just optional right? I want everything I need to be local so I'm not relying on any 3rd party service.
 
How do you just log into someone's bank account and just take the money? My bank has no online transfer feature. Second if you could transfer the money you would likely have to transfer it to another bank, which would have the criminal's name on the account. The bank could also reverse any ACH transactions, so this must have been something different.

I don't understand this either.

None of my banks allow wire transfers - any of those would have to be done over the phone and are much more stringent.

Transfers (ACH) require that I verify ownership of the connecting account first with the test where they deposit a few cents into the other account. That is typically a 1-2 day process - with email notifications all along the way.
 
I would never use a mobile device for my finances, ever. 2FA is effective, but not perfect. I treat every phone like a burner, though I will admit it's easy as I don't pay for the thing.

I like conveniences, don't get me wrong, but a bit of legwork here and there throughout the day is a good thing. Could be saving sensitive finances for a sterile, secure environment at home even though it requires more steps, or it could mean parking at the back of the lot so I literally stretch my legs while going to the store. It chills me to see people lose their shit and act lost when they don't have benefit of a GPS or smartphone app, something I see far too often. Not trying to defend a lawn here I swear.
 
That's good to know. I honestly did not figure you could use the app you want so thought you were stuck using whatever app they tell you to when you go to sign up. I will definitely check out authy then and look at converting stuff to two factor. I never bothered before as I just did not like the idea of being locked out of everything if something happens to my phone. Don't like the idea of cloud though, but that's just optional right? I want everything I need to be local so I'm not relying on any 3rd party service.

You don't have to use encrypted backup, but you can't use multiple devices sync'd without it.
 