You are viewing a single comment's thread from:

RE: Authy Is Trying To Automatically Prevent Coinbase Account Takeovers For Their Users

in #bitcoin8 years ago

Completely agreed. In reality, the attack where people's Authy accounts are getting compromised, is extremely complicated. Most people wouldn't even think it was possible until after it happened.

Right now the recommended authenticator seems to be Google Authenticator as you've pointed out. There are a few other things you should do as well though. One is to make sure that you are using two factor on your email address. I believe that the victims of these attacks were not using 2fa on their email. The other thing is that you should probably remove any recovery phone numbers that are associated with the email you used to sign up for Coinbase. Unfortunately the phone porting attack could be used to take over the email address, which could lead us down a similar attack path that could result in the Coinbase account being compromised again. So TL;DR: use Google Authenticator on everything you can, and remove recovery phone numbers from all important accounts.