Results 1 to 10 of 13

Hybrid View

  1. 02-22-2022 06:27 AM #1
    Canadane
    Player
    Canadane's Avatar
    Join Date
    Jul 2011
    Location
    Limsa Lominsa
    Posts
    7,499
    Character
    King Canadane
    World
    Hyperion
    Main Class
    Sage Lv 100
    2FA wouldn't have prevented a situation like this when you log into a phishing site, which 99% of these cases are. You'd have just entered your OTP and thought you were logging in like normal. The hacker would have logged into your account all the same.
    (0)

    http://king.canadane.com
    Reply With Quote Reply With Quote
  2. 02-22-2022 10:21 AM #2
    Arrhin
    Player
    Arrhin's Avatar
    Join Date
    Dec 2018
    Location
    Ul'dah
    Posts
    475
    Character
    Arrhin Terremiaux
    World
    Zalera
    Main Class
    Scholar Lv 90
    Quote Originally Posted by Canadane View Post
    2FA wouldn't have prevented a situation like this when you log into a phishing site, which 99% of these cases are. You'd have just entered your OTP and thought you were logging in like normal. The hacker would have logged into your account all the same.
    Not without the code from the physical token, or the app. The hacker would not have been able to remove the token, nor log in. 2FA isn't fool proof but it isn't as simple as "get password, log in". This is precisely what 2FA is designed to prevent as far as I know.

    (Edit for clarity) The code I'm referring to is the on printed on the back of the physical token, or the one generated by the app when it is registered. This is needed to remove 2FA from the account. SE will remove it if reported lost or stolen, though I cannot say what the process there is but I would hope it is extensive in regards to confirming the legitimate account holder.
    (1)
    Last edited by Arrhin; 02-22-2022 at 10:24 AM.
    Don't touch me there
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »