You are viewing a single comment's thread from:
RE: You Just Got SIM Hacked! Now What? Crypto Mondays, San Juan July 8th
Sorry to hear it. I use Yubico for 2FA, but in some cases Trezor can perform the same function. Trezor can also store your passwords.
Security will become an increasingly unsustainable nightmare until authority relinquishes control and decides to allow their security model to be turned inside out (no large honeypots or large databases of sensitive info). Data needs to live in it's own rightful location and not be hostage to authority. Hashes of data can prove ID on the rare occasion it is needed.
Thankfully, the community member impacted by this did not lose any funds at all. Other than not using a password manager and still having a phone number as part of the account recovery approach, their setup was fairly secure (no funds on exchanges, 2FA with Google auth on exchanges, etc, etc).
YubiKey's are interesting for sure. I have one but haven't started using it yet and got a little spooked with the recent recall on some models. I personally think the simplicity of Google Auth accomplishes much the same thing, but may be slightly less convenient. At least with google authenticator, I have to unlock my phone. I'm not as sure how YubiKeys work in that regard (anyone who has it can use it, assuming they also have my login password), but I should probably try it and play with it more.