94

So, why do almost all banks, in the U.S. at least, only support the worst 2FA authentication method exclusively? And, this article doesn't mention SIM-swap attacks, which are unavoidable. It can't be that difficult to support an authenticator app.

https://gizmodo.com/feds-warn-sms-authentication-is-unsafe-after-worst-hack-in-our-nations-history-2000541129

#Cybersecurity

you are viewing a single comment's thread
view the rest of the comments
[-] DahGangalang@infosec.pub 19 points 4 days ago

I bet its the cheapest and/or easiest to implement. Why do more than the bare minimum, amirite?

^I feel like mine is a bad faith opinion, but I also feel passionately about this and want to ensure your post is getting some level of engagement so it can maybe get some proper discussion going.

[-] subtext@lemmy.world 4 points 4 days ago

I would wonder if they have done the cost / benefit of having to have support staff to help boomers who can’t use a TOTP app vs the cost of covering losses from SIM-swapping attacks. It’s probably a significant amount of money to hire all the people needed to support every grandma who can’t figure out where the six numbers come from.

load more comments (3 replies)
this post was submitted on 20 Dec 2024
94 points (100.0% liked)

Cybersecurity

2 readers
7 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS