Page 3 of 4 FirstFirst 1234 LastLast
  1.    19 Jan 2017 #21
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,959
    Windows 10 (Pro and Insider Pro)
    Thread Starter

    Quote Originally Posted by Kari View Post
    My point: let's say one of these days I do something stupid (it happens, take my word, depending on amount whisky I have consumed that day). Let's say I open a phishing site like this in question and enter my email address, password and a single use security code.

    What happens? Nothing because that code was used and no longer valid. If the scammer would then contact Microsoft pretending to be me saying he / she has forgotten the password and phone was stolen but he needs to access the account, or clicked "I have forgotten password" and then selected "I can't access any of those" when the list of verification options would be shown, the account would immediately be locked for 30 days and I would receive an email about it to my primary verification email, plus a text message to that phone scammer told has been stolen. Those messages would contain a link for me to sign in, verify my identity, reset password and re-open the account.

    Only if I would not react within this 30 day period would scammer gain access to my account.

    Kari
    If you use you code on phishing site, then it is still valid for actual gmail / MS site. In minutes after you are locked out of your account...
      My ComputerSystem Spec
  2.    19 Jan 2017 #22
    Join Date : Oct 2013
    A Finnish expat in Germany
    Posts : 12,976
    Windows 10 Pro

    Quote Originally Posted by AndreTen View Post
    If you use you code on phishing site, then it is still valid for actual gmail / MS site. In minutes after you are locked out of your account...
    I use authenticator app. The codes change every 30 seconds and are valid about a minute thereafter. Honestly, I do not have much fear about they being used.
      My ComputerSystem Spec
  3.    19 Jan 2017 #23
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,959
    Windows 10 (Pro and Insider Pro)
    Thread Starter

    Quote Originally Posted by Kari View Post
    I use authenticator app. The codes change every 30 seconds and are valid about a minute thereafter. Honestly, I do not have much fear about they being used.
    Of course you don't have to fear...

    This is from my previous respond to you...

    This doesn't apply to you as you would never put info into that fields...
    I'm only stating that average user could (and it already was successful) give his /hers code to phising site..
      My ComputerSystem Spec
  4.    19 Jan 2017 #24
    Join Date : Oct 2014
    Posts : 2,462
    W10 Pro + W10 Preview

    Quote Originally Posted by AndreTen View Post
    @TairikuOkami is experienced user and in my opinion can manage the threats in his own way. This could be only irresponsible to inexperienced users. They can get a lot of good conclusion from debates as this one
    Whilst it is an admiral trait to defend an obvious acquaintance, it is stupidity of the highest order to defend information that could compromise the safety of anyone reading it believing he is an expert on the subject.

    As to your knowledge on two factor authentication.....it is obvious Kari,s clearly explained workings have not registered with you.
      My ComputersSystem Spec
  5.    19 Jan 2017 #25
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,959
    Windows 10 (Pro and Insider Pro)
    Thread Starter

    Quote Originally Posted by dencal View Post
    Whilst it is an admiral trait to defend an obvious acquaintance, it is stupidity of the highest order to defend information that could compromise the safety of anyone reading it believing he is an expert on the subject.

    As to your knowledge on two factor authentication.....it is obvious Kari,s clearly explained workings have not registered with you.
    Or that my explanation of possible weakness reached you. I'm using it myself (2 step auth, that is)

    Not that I'm defending anybody's behavior. I'm just recognizing it as human.

    Edit. mystery to me dencal... why would you think of Tariku as my acquaintance? See his posts on forum and generally approve them...
      My ComputerSystem Spec
  6.    19 Jan 2017 #26
    Join Date : Oct 2014
    Posts : 2,462
    W10 Pro + W10 Preview

    Quote Originally Posted by AndreTen View Post
    Or that my explanation of possible weakness reached you. I'm using it myself (2 step auth, that is)

    Not that I'm defending anybody's behavior. I'm just recognizing it as human.

    Edit. mystery to me dencal... why would you think of Tariku as my acquaintance? See his posts on forum and generally approve them...
    He is a member isn't he, so you are acquainted with his posted opinions, are you not, as I with yours.
    Did I infer personal acquaintance ?
      My ComputersSystem Spec
  7.    19 Jan 2017 #27
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,959
    Windows 10 (Pro and Insider Pro)
    Thread Starter

    Quote Originally Posted by dencal View Post
    He is a member isn't he, so you are acquainted with his posted opinions, are you not, as I with yours.
    Did I infer personal acquaintance ?
    You pretty much did. Obvious in that statement pretty much implies it

    As for the other part of your statement...

    it is stupidity of the highest order to defend information that could compromise the safety of anyone reading it believing he is an expert on the subject.
    I still think that debate and conclusions made from it are worth more than a single statement. And that average user of Ten Forums is capable of understand difference between safety practices of particular users...
      My ComputerSystem Spec
  8.    19 Jan 2017 #28
    Join Date : Oct 2013
    A Finnish expat in Germany
    Posts : 12,976
    Windows 10 Pro

    An effort to get this thread back to the topic:

    Not using Two-Step Authentication (also known as Two Factor Authentication, TSA, 2FA) to protect your online accounts is not only dangerous but also extremely stupid in todays online world full of scammers trying to get in to your accounts.
      My ComputerSystem Spec
  9.    19 Jan 2017 #29
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,959
    Windows 10 (Pro and Insider Pro)
    Thread Starter

    Quote Originally Posted by Kari View Post
    An effort to get this thread back to the topic:

    Not using Two-Step Authentication (also known as Two Factor Authentication, TSA, 2FA) to protect your online accounts is not only dangerous but also extremely stupid in todays online world full of scammers trying to get in to your accounts.
    As the word stupid became so popular with you and dencal, seems you are forgetting about fact, that defeating TSA is nothing new. Obviously you won't believe me, would you at least think about it if statement comes from security expert from IBM?

    And again, I'm not saying that TSA isn't better than nothing, but thinking that you are invincible with it... now that would be stupid
      My ComputerSystem Spec
  10.    19 Jan 2017 #30
    Join Date : Jan 2014
    Posts : 1,393
    Windows 10 Pro (32-bit) 16299.15

    Quote Originally Posted by Kari View Post
    Windows Phone users, you can't use Google's own authenticator app but there's a really good alternative in Windows Store called AuthenticatorG. I use it for Google and YouTube authentication, it works flawlessly.
    My understanding was that Microsoft's own Authenticator app uses the same algorithm as Google Authenticator.
    I only have the Windows Phone 7.5 version (so it's possible this compatibility has been removed now), but my old phone still let me login to my Google account when I tested it just now with the Microsoft Authenticator I have.
      My ComputerSystem Spec

 
Page 3 of 4 FirstFirst 1234 LastLast


Similar Threads
Thread Forum
Good email reader for Gmail
Does anyone know of a Good email reader for Gmail that will basically sort by sender and then by date for that sender either ascending or descending date. And then also when you delete, it would actually delete the message, it would put it in trash...
Browsers and Email
New Flash Player Zero-Day in The Wild
A new flaw in latest version of Flash to be patched next week. On my systems I use the free version of Malwarebytes Anti-Exploit to protect my systems. I guess we will see another updated from MS also. ...
Windows 10 News
Didn't take long - MSDN ISO's out in the wild !!!
Hi there Well I suppose it had to happen - the MSDN RTM ISO's are out in the wild already !!! -- but I'd imagine these have their own keys so presumably won't be "Activateable" if you use these to update an existing installation and you aren't an...
General Support
Java zero-day security flaw exploited in the wild
Java zero-day security flaw exploited in the wild | ZDNet
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:59.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums