What is your mothers maiden name?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

Red Squirrel

No Lifer
May 24, 2003
68,457
12,611
126
www.anyf.ca
My bank is text or email. That works well, and is fairly fault tolerant. If I'm online with the bank, I can get one of those things. I don't use banking apps. They're proprietary, and they duplicate the function of a web browser. I don't need 100 apps that each access a special little part of the web when one "app" will do it all.

Yeah I'm ok with text or email, though for some reason it's considered insecure and you're better off not having it at all so most services don't offer it anymore. I think it has to do with sim swap scams, but I don't get why it's considered THAT insecure compared to not having it in first place.
 

brianmanahan

Lifer
Sep 2, 2006
24,419
5,852
136
I kinda hate the current state of two factor auth. Too many of them rely on a phone app and they're all proprietary. What if you lose your phone or upgrade it or the OS craps out etc. Wish they would have a standard where you just get some kind of key and that key can be added to a piece of software or hardware that runs on any platform/device.

that is why i'm going to switch to google advanced protection in the next month or so.

it limits some features but i think i can live with those


 

Red Squirrel

No Lifer
May 24, 2003
68,457
12,611
126
www.anyf.ca
You can't really "switch" to anything though, every service uses it's own thing, sure some of them might use Google, but not all of them. It would be nice if there was a single standard they all used where you can buy a key (or download a piece of software) that conforms to this standard and it just works on all services.
 

Ichinisan

Lifer
Oct 9, 2002
28,298
1,235
136
I kinda hate the current state of two factor auth. Too many of them rely on a phone app and they're all proprietary. What if you lose your phone or upgrade it or the OS craps out etc. Wish they would have a standard where you just get some kind of key and that key can be added to a piece of software or hardware that runs on any platform/device.
I use Google Authenticator for many 2FA sites / services.

Dropbox
Hotmail
Gmail
AnandTech
...
 

Ichinisan

Lifer
Oct 9, 2002
28,298
1,235
136
My bank is text or email. That works well, and is fairly fault tolerant. If I'm online with the bank, I can get one of those things. I don't use banking apps. They're proprietary, and they duplicate the function of a web browser. I don't need 100 apps that each access a special little part of the web when one "app" will do it all.
I don't do that because...

1. Hijackers have repeatedly gained access by convincing phone network CSRs to activate your phone number on a new SIM/device. Several YouTubers lost their phone numbers temporarily and then discovered that their YouTube channel, email, and everything else had been compromised.

2.It doesn't work when your mobile device doesn't have a signal.
 

Red Squirrel

No Lifer
May 24, 2003
68,457
12,611
126
www.anyf.ca
I use Google Authenticator for many 2FA sites / services.

Dropbox
Hotmail
Gmail
AnandTech
...

That requires a phone though so if you lose your phone or what not you're screwed. I would really like something that can run on a regular computer and that can be backed up.

That and not all sites use Google so you still end up with some services that require their own app or whatever. That's why I wish there was just a standard protocol of sorts rather than each site using their own thing or even having to rely on a 3rd party like Google.
 

Ichinisan

Lifer
Oct 9, 2002
28,298
1,235
136
That requires a phone though so if you lose your phone or what not you're screwed. I would really like something that can run on a regular computer and that can be backed up.
Well, not really. If one of my computers still has an unexpired authorization for Gmail / Hotmail / AnandTech / Dropbox / [whatever], I can register a new 2FA device.

That and not all sites use Google so you still end up with some services that require their own app or whatever.
AnandTech doesn't specifically support Google as far as I know. There's some kind of universal standard where anyone can make a 2FA app and it will work for those services.

That's why I wish there was just a standard protocol of sorts rather than each site using their own thing or even having to rely on a 3rd party like Google.
There is :)

If I search the iOS App Store for "authenticator," I find a ton of apps that will work for AnandTech / Google / Hotmail / Dropbox / [whatever]
 

Red Squirrel

No Lifer
May 24, 2003
68,457
12,611
126
www.anyf.ca
Hmm interesting so how exactly does it work like how does it interface with the site? Is there a PC/Linux version that can run on a normal computer? Ex: something web based where I can just set it up on a local web server? I just want something that can easily be backed up via cron job. Of course I would need access to that system when I go to login to these sites.