May 16, 2021

What are your recommendations for staying more secure online?

Hi all,

Recently I was discussing with a friend of mine (who has a background in programming) the best way to stay secure online and 2FA. I suggested that one should use a password manager such as Bitwarden (which I use myself) and 2FA however I stated 2FA by means of SMS is not as secure as many would think as a hacker can easily do a sim switch to gain access to your information. My friend then stated that it is still secure as the phone provider in our country asks for ID when switching sims. As a result may I ask, as security professionals what are your thoughts on this? I do not have a background in programming or security but I do want to ensure my data is safe especially as our information is being increasingly stored online. In the future I hope to acquire a Yubikey (which I also mentioned to my friend) but are there any other tips you would recommend? Any help would be greatly appreciated!

Comments

vornamemitd

Also: /r/privacy and /r/cybersecurity101

The liberalization and digitization of the mobile telco industry brought us a wealth of options, alternatives and stuff like: https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/

SMS is insecure – still not a commodity hack, as someone needs to specifically target you, but given the lax controls implemented both at major telcos and small shops it‘s a pretty meh factor.

For anything you value – use authenticator apps where possible. And on a side note – I am pretty sure I can get your SIM with a photoshopped printout of “your” ID in a lot of small telco outlets =]

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.