Thread: Two factor authentication - have you? Passwords

I list my passwords but in an encrypted file in Word. the encryption is by Trend Micro.

I cannot understand why there is this demand for multi factor ID as if your licence and passport and or medicare are gone then you have the problem.

Most of the problem for those of us who have been told by Optus that only our name address DOB and email have been hacked is Phishing , and we are always alert to this. Our email and password for a book shop in Canada was "pawned" years ago and so we are used to crap emails. I just hope Optus is not speaking with forked tongue or actually knows the true extent of the data hacked.

I cannot see how 2 factor helps in these circumstances.

At present we have one Apple account between 2 Ipods and 2 phones and if we introd 2 factor ID , for sure it goes to the wrong device and needs phone calls to find. I was able to delete it before the time expired.

2 factor iD is usually required for particular websites such as electricity suppliers myGov. Why I don't know as I would be grateful if someone paid my bill. If someone cut off my power I would soon know!

I also do not see why you should change all your passwords on non Optus accounts, as they have not been compromised and any hacker would have the same problem as me when I forget one. I changed my password on my Optus account even though they said don't bother!

I think the most elegant solution I have seen is on one of my bank accounts where the password is a number and the order of the keyboard on the screen changes randomly. Could be overpowered I guess with a very powerful computer.
Regards PhilipA

Originally Posted by NavyDiver

thatSfanstick$#tOTE

Mods, swear filter dodge! $100.00 fine?

Originally Posted by PhilipA

I list my passwords but in an encrypted file in Word. the encryption is by Trend Micro.

I cannot understand why there is this demand for multi factor ID as if your licence and passport and or medicare are gone then you have the problem.

Most of the problem for those of us who have been told by Optus that only our name address DOB and email have been hacked is Phishing , and we are always alert to this. Our email and password for a book shop in Canada was "pawned" years ago and so we are used to crap emails. I just hope Optus is not speaking with forked tongue or actually knows the true extent of the data hacked.

I cannot see how 2 factor helps in these circumstances.

At present we have one Apple account between 2 Ipods and 2 phones and if we introd 2 factor ID , for sure it goes to the wrong device and needs phone calls to find. I was able to delete it before the time expired.

2 factor iD is usually required for particular websites such as electricity suppliers myGov. Why I don't know as I would be grateful if someone paid my bill. If someone cut off my power I would soon know!

I also do not see why you should change all your passwords on non Optus accounts, as they have not been compromised and any hacker would have the same problem as me when I forget one. I changed my password on my Optus account even though they said don't bother!

I think the most elegant solution I have seen is on one of my bank accounts where the password is a number and the order of the keyboard on the screen changes randomly. Could be overpowered I guess with a very powerful computer.
Regards PhilipA

Multi Factor authentication in its purest form is the combination of multiple ways to authenticate yourself, as an example, something you know (password) something you have (card, token) and something you are (fingerprint, iris scan, facial recognition) these multiple factors make it much more difficult to gain access to a secured resource, although we've all seen the movies where the chap's finger is cut off and presented to the fingerprint reader. The risk for electricity suppliers is that electricity bills can be used as a reference for establishing 100 points of ID to get a licence or passport and it's a bad look for them if people can download documents from their website, oh, and they care deeply about your privacy /sarcasm off
Agree if you have differing passwords then there is little need to change them across services but most security advice is given at the lowest common denominator (the person who uses their pet's name for all their passwords)

Regards,
Tote

Yes agree. It never ceases to amaze me that people who are "phished" don't seem to do the most elementary check of actual sender on the email.
A pretty common one is the Australia Post/ fedex/whatever package is coming.

One of my friends who I thought was reasonable savvy had his hard disk locked.

The worst I have had is credit card details hacked about 3 times. "falcon" told me that one was intercepted in a Thai telecommunications exchange,and the others were intercepts to websites.
Regards PhilipA

Originally Posted by NavyDiver

Did you shout it out every time we got that cash envelope like us Matlows did I did use mine for a few years

Yep, NO number NO pay is a bloody good incentive to remember it

Originally Posted by Tombie

Trout - delete that post, you've almost given away half the effort to crack a password by that statement (unless it was a lie )

Mate you were most likely not even born when I got issued that number and without knowing the rank, date of enlistment and FULL name it is nigh impossible to find someones service number.
Drivers licence, passport and medicare numbers are easy pickings, Service numbers are somewhat harder to find

Originally Posted by p38arover

I had to look up that spelling, I've always spelled it "matelot" - but it appears your spelling is an alternative which I've never seen before.

Got me too, Ron. I've never seen "Matlow" previously.

^^ One never stops learning.