4 comments

[ 2.8 ms ] story [ 19.1 ms ] thread
What are the takeaways? Best practices that can be learned from this and applied? Two factor, unique passwords, Google Authenticator, what’s else?
If you lose your two factor, most places have a backup strategy of “we will email you” or “send text to 1234”. Even banks.
Are you saying that’s good or bad?
As in, phone or email and you’re dead. Most email is backed by another email or phone. Targeting a phone like this is probably the sturdiest foothold if you get it right.