'/%3e%3cpath%20d='M50.3943%2022.237V39.5876H43.5185V22.7481C43.5185%2019.2029%2042.0411%2017.3949%2039.036%2017.3949C35.7325%2017.3949%2034.0778%2019.5338%2034.0778%2023.7585V32.9759H27.2434V23.7585C27.2434%2019.5338%2025.5857%2017.3949%2022.2822%2017.3949C19.2949%2017.3949%2017.8027%2019.2029%2017.8027%2022.7481V39.5876H10.9298V22.237C10.9298%2018.6918%2011.835%2015.8754%2013.6453%2013.7877C15.5128%2011.7049%2017.9623%2010.6355%2021.0028%2010.6355C24.522%2010.6355%2027.1813%2011.9885%2028.9542%2014.6917L30.665%2017.5633L32.3788%2014.6917C34.1517%2011.9885%2036.811%2010.6355%2040.3243%2010.6355C43.3619%2010.6355%2045.8114%2011.7049%2047.6847%2013.7877C49.4931%2015.8734%2050.3963%2018.6899%2050.3943%2022.237Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_89_8'%20x1='30.5'%20y1='0'%20x2='30.5'%20y2='65'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%236364FF'/%3e%3cstop%20offset='1'%20stop-color='%23563ACC'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
Euer Account wurde gehackt? Im Reel zeigen wir euch die ersten Schritte.
Wie ihr langfristig eure Sicherheit stärkt und Schäden begrenzt, erfahrt ihr auf unserer Website: https://www.bsi.bund.de/dok/6700632
#2fa
3 posts3 participants0 posts today
Estonia launches international search for Moroccan citizen wanted over data theft:
The account used to login wasn't protected by #2FA.
Eesti Rahvusringhääling | ERR · Estonia launches international search for Moroccan citizen wanted over data theft
Add TOTP Authentication to Your Java API with Quarkus and Vault Dev Services
Learn how to secure REST endpoints using Vault’s TOTP engine, Quarkus Dev Services, and QR codes for Google Authenticator
https://myfear.substack.com/p/secure-java-api-totp-quarkus-vault
#Java #TOTP #Security #Quarkus #Vault #2FA
Via @gamingonlinux GOG has added support for standard Two-Factor Authentication (2FA) apps.
Previously, you could enable 2FA of a sort by having them e-mail you a link during log on.
GamingOnLinux · GOG add support for authenticator apps for two-factor authentication (2FA)
Meine Datenschutz und Privatsphäre Übersicht 2025, für Jedermann 
Teilen erbeten ! 
als PDF Datei:
https://cryptpad.digitalcourage.de/file/#/2/file/8os68Lk8YMPfPi1UvHYtTTQI/
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung #Leta
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows10 #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #OpenAndroidInstaller
#Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
→ SMS 2FA is not just insecure, it's also hostile to mountain people
https://blog.stillgreenmoss.net/sms-2fa-is-not-just-insecure-its-also-hostile-to-mountain-people
“there are 1.1 million people in these western north carolina mountains, 25 million in the rest of the appalachians, and many millions more in the mountain west and pacific ranges.
we have internet, but we have F-tier cell service — what are we supposed to do?”
stillgreenmoss · SMS 2FA is not just insecure, it's also hostile to mountain peoplei have a friend -- she's an old lady born and raised here in the western north carolina mountains. she hates computers, yes, but she's be...
Lots of rumors of a Steam user data leak. TL;DR so far seems to be: don't worry about it, just make sure you are using Steam app 2FA.
https://totalgamingnetwork.com/valve/3537559-no-your-steam-account-details-werent-stolen-or-leaked
https://www.xda-developers.com/89-million-steam-account-details-leak/
totalgamingnetwork.comNo, Your Steam Account Details Weren't Stolen or Leaked - Total Gaming NetworkThe so-called security breach of Steam accounts is actually just a log of SMS text send log records.
SMS 2FA isn’t just insecure—it’s inaccessible. In rural Appalachia, lack of cell coverage means locked accounts, missed codes, and no way in without driving to town. A tech barrier dressed up as a security feature.
https://blog.stillgreenmoss.net/sms-2fa-is-not-just-insecure-its-also-hostile-to-mountain-people
stillgreenmoss · SMS 2FA is not just insecure, it's also hostile to mountain peoplei have a friend -- she's an old lady born and raised here in the western north carolina mountains. she hates computers, yes, but she's be...
This is yet another reminder to utilize a password manager and allow it to generate long, complex passwords. Also, always enable MFA!
PCWorld · Welp, Nvidia’s RTX 5090 can crack an 8-digit password in 3 hours
Quite a cool little song about MFA (2FA) 
愛迪 嚇死! 
在 g0v social 換 #2FA 的頁面按備份碼,擷圖前按 F5 打算讓更新訊息消失,它居然會 refresh 備份碼,好奇多按兩次,心知不妙
重新登入,2FA 無效!幹
Microsoft Authenticator Drops Password Autofill, Users Will Have to Use Edge Browser Instead
#Microsoft #Authenticator #MicrosoftEdge #Passwordless #Passkeys #Cybersecurity #2FA #TechNews #PasswordManager
$38,000… GONE while he was sleeping.
That’s how fast SIM-swapping can destroy your financial life.
In just 3 hours, a hacker took over Justin Chan’s phone number, intercepted his two-factor codes, and emptied his bank and trading accounts. No alarms. No notifications. Just silent access and drained funds.
It didn’t happen because he was careless.
It happened because the attacker exploited a broken system:
- His mobile carrier transferred his number to a new device without proper checks
- His 2FA codes were sent to that new device
- His bank and investment apps trusted that number
This is the $38,000 mistake most people never see coming. Because by the time you realize something is wrong — it’s already too late.
The worst part? Getting the money back was harder than the hack itself.
It took media pressure, endless follow-ups, and months of stress just to get refunded.
Mobile numbers are the new master key — and most people are handing them out unlocked.
If your 2FA is tied to your phone number, it's time to change that.
If your carrier doesn’t lock down your SIM by default, it’s time to upgrade.
And if your bank’s idea of protection is a form letter and a closed case, don’t wait for a wake-up call at 3AM.
Why #MFA is getting easer to bypass and what to do about it
Ars Technica · Phishing attacks that defeat MFA are easier than ever. So what are we to do?
Continued thread
There are different articles floating on the internet of people who've experienced the same as I have. For no reason, without any warning, you cannot uninstall authy anymore on your device.
If you do a few things will happen; one of them is that after installation it will not allow you to get an SMS from your mobile phone, or it will allow that, but you will not be able to add any new accounts.
In either case the program has become worthless and you will get no warning 
Have you started migrating your authy MFA 2FA accounts to open source MFA clients?
¡¿No?!
Please start asap. The company has quietly been changing things with this important program and since they do not allow you to export your accounts easily, you will be in a situation where you have to systematically migrate the most important account you have to open source clients
At a certain point authy will stop working even on your new Androids without explanation no **fucks given**