How does 1P relate to "SIM crime"?
"Mobile carriers give control of our numbers to hackers, who can then drain our bank accounts in minutes."
https://www.nbcbayarea.com/news/local/Mans-1M-Life-Savings-Stolen
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
My apologies, ag_ana.
Proper link is this:
https://www.nbcbayarea.com/news/local/Mans-1M-Life-Savings-Stolen-In-Cell-Phone-Scam-509097961.html
0 -
Hi @WFA,
Thanks for the updated link.
The 1Password membership service does not use SMS for any sort of authentication so blunders like this by cell carriers wouldn't have any impact on 1Password. We don't recommend using SMS based authentication for any service that you're using. If given the choice TOTP would be the better option, and 1Password can be used as a TOTP authenticator:
Use 1Password as an authenticator for sites with two-factor authentication
I hope that helps. Should you have any other questions or concerns, please feel free to ask.
Ben
0 -
Update: an earlier version of the post above was mistakenly missing the word "don't." To be clear: we do not recommend SMS for authentication.
Ben
0 -
Thank you for that correction, Ben.
0 -
You're very welcome. I'm glad my colleague @rudy spotted it for me. We do have some other posts about how SMS has been problematic in this regard, dating as far back as 2016ish:
https://discussions.agilebits.com/discussion/65775/is-otp-more-secure-than-sms-code
Ben
0 -
I checked a couple of financial institutions and found only SMS authentication, and no QR codes.
1P's TOTP approach appears a bit daunting anyhow.
0 -
I checked a couple of financial institutions and found only SMS authentication, and no QR codes.
That's unfortunate.
1P's TOTP approach appears a bit daunting anyhow.
It's pretty simple. You just scan the QR code the website gives you using 1Password and then 1Password generates the TOTP codes for you. :)
Ben
0
