Two-factor authentication: What you need to know (FAQ)

Discussion in 'privacy technology' started by ronjor, May 24, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    http://news.cnet.com/8301-1009_3-57586014-83/two-factor-authentication-what-you-need-to-know-faq/
     
  2. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I use two way authentication in most of my important accounts. :D
     
  3. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    There goes your anonymity.

    I hope this does not become a common thing, or I'm just gonna have to stop creating accounts to websites all together.
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    Personally I prefer authenticator applications like Microsoft recently (finally) introduced for Microsoft accounts. But I don't see where the anonymity is being lost, a phone number is as anonymous as an IP address.
     
  5. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Your account is associated with your phone number so if your number is tied to your name or location which it is if you use that same phone for daily life. Let's say everyone website is using this new security and you have to give your phone number for a website, let's say BustyAsianBeautys.com. Now your account here is linked to your phone and data mining companies will put all this information together "they will", and thus you go on the record forever as psychologically perverted and you will see suggestive items pop up on your computer browser and amazon account which will be tied to your IP.

    Your IP is as good as your name.
    Your Phone Number is as good as your name.
    The Internet never forgets.
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    You kind of proved my point by referring to the IP address. It's the exact same thing as navigating to a site. IP addresses aren't private, neither are phone numbers - they can both be randomly guessed.
     
  7. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    I think phone numbers and IP Addresses are substantially different. Roughly...

    Phone Numbers: Static assignments, very inconvenient to change, in countless databases along with personal and personally identifiable information, heavy selling, affiliate or joint marketing agreement exchanging, etc of such databases (at least in the US), so forth. If a company can acquire your phone number it stands a good to guaranteed chance of being able to lookup your personal information and probably far more.

    IP Addresses: Sometimes static but frequently not for residential customers, often very easy to change, can also be temporarily changed via anonymous proxies, in countless logs and probably in some databases along with personal info, but due to IP Address assignments so frequently changing and ISPs normally not selling IP Address assignment information, they *should* be a significantly less reliable means of acquiring more information about the user.

    The key point to remember is that many people (should!) want to use various Internet resources without exposing their identity... without giving those Internet companies a reliable means of *appending* information. In such situations, giving out your phone number is extremely unwise. In general at least. One must consider other ways in which they might be compromising their identity and info.
     
  8. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    IP can be masked by Proxy or VPN very easy, doing the same with mobile phones is much harder. Hence why the whole thing is coming into practice as a breach of everyone's privacy. Example number one would be Gmail requiring you to give a mobile phone number when you sign up now in most countries. Once you do this your phone number your identity all your Google searches your buying and selling history on almost all websites. Now even when you use a VPN if your logged into Google, Google still knows, Google still follows, and Google still judges.
     
  9. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Agree. I would not use SMS 2FA for any accounts I wanted anonymity with.

    PD
     
  10. SirDrexl

    SirDrexl Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    545
    Location:
    USA
    Also, these days a phone number is generally tied to one person only. IP addresses are usually shared among people in the household.
     
  11. jimmy011211

    jimmy011211 Registered Member

    Joined:
    May 16, 2011
    Posts:
    9
    I think one of the best, and most anonymous 2 factor ID methods I've seen is being used in LastPass. They generate a grid with letters and numbers at different coordinates. You print out the grid, and whenever you log in to LastPass, they ask for your password as well as the letters/numbers at a certain grid coordinate. Perfect system for anonymity.
     
  12. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Good tip, thanks.

    PD
     
Loading...
Thread Status:
Not open for further replies.