Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Finally got back my T-mobile account (yes, it was a sim swap, meaning that someone socially-engineered T-mobile itself to take over my phone number).
48 replies
186 recasts
590 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Main learning re twitter was: > A phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter. I had seen the "phone numbers are insecure, don't authenticate with them" advice before, but did not realize this
10 replies
11 recasts
95 reactions

Joe Blau 🎩 pfp
Joe Blau 🎩
@joeblau
Using a phone number with 2FA is so bad, I send an email to USAA every year telling them to remove phone number 2FA on their site. TOTP, FIDO, or Yubikey... anything but phone number.
1 reply
0 recast
3 reactions

accountless pfp
accountless
@accountless.eth
capital one does the same fml
1 reply
0 recast
0 reaction

Joe Blau 🎩 pfp
Joe Blau 🎩
@joeblau
I’m just waiting for them to get hacked. I should send another email to [email protected] again πŸ˜‚
1 reply
0 recast
0 reaction