Authy got hacked, and 33 million user phone numbers were stolen - eviltoast
  • COASTER1921@lemmy.ml
    link
    fedilink
    English
    arrow-up
    7
    ·
    6 months ago

    The problem is so many services requiring SMS to be that second factor. From what I’ve heard it’s easy enough to steal a sim that if you’re being explicitly targeted it’s basically the same as no second factor. Yet even if using an authenticator app most services require you to still have SMS/phone as another option for the 2FA.

    For Authy specifically they’d need to guess your master password and then hijack your phone number, and for users of Authy I suspect their passwords are not easily guessed as it’s already a step above the standard SMS only 2FA most services require.