30
That one time 2FA saved my account from a burner phone attack
Got a weird text at 3 AM last month. Someone was trying to reset my PayPal password from a number I didn't recognize. Had 2FA set up through Google Authenticator already. They had my email and password somehow but couldn't get past the code. Has anyone else had close calls like this with SMS codes vs authenticator apps?
2 comments
Log in to join the discussion
Log In2 Comments
kim37319d ago
Read a thing not too long ago about how SMS codes are actually kind of weak because of SIM swapping. That's where someone tricks your phone company into moving your number to their sim card, then they get all your texts. So if you're just using SMS for 2FA, a burner phone attack could still work on you if they got your number ported first. The authenticator app codes are way safer since they're tied to your phone itself, not the network. Makes me glad I switched mine over after that article.
2
michaelchen19d ago
Yeah, that SIM swapping stuff is scary. I had a friend who got hit that way and it was a nightmare to sort out. Definitely makes you appreciate the app-based ones more.
2