All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: photography and

Links on this site earn me fees or commissions.
As an Amazon Associate I earn from qualifying purchases @AMAZON

Other World Computing...
B&H Photo...
Upgrade the memory of your 2020 iMac up to 128GB
Upgrade the memory of your 2020 iMac up to 128GB

2-Factor Authentication (2FA) for Securing your Computer of Phone or Tablet Logins

re: cyber social engineering
re: 2-factor authentication

2FA = 2-Factor Authentication, a hardware device ("token") for login together with a a conventional login.

If thieves steal your phone your entire digital and financial life could also be stolen.

While thieves might also steal a 2FA device, such a device is easily hidden, and thus less likely to be stolen along with the phone/tablet/computer.

Reader Don H writes:

Do you have a recommendation for a 2-factor device?

MPG: excellent question. Standards have changed* and now there are general purpose 2FA.

Incredibly, very few financial sites support hardware 2FA devices and nearly all of them require a proprietary hardware token, making it a hassle to deal with more than one company.

For that matter, the vast majority of sites today have no support for 2FA hardware tokens.

The good news however, is that if you secure a password manager with a hardware token (eg 1Password on an iPhone), then theft of your phone is much less of an issue. The same applies to 2FA hardware tokens used with a password manager on computers.

General purpose 2FA hardware tokens are easy to use, but:

  • With which service(s) does the device work?
  • With which device(s) does the device work?
  • Compatibility: USB-A or USB-C and/or NFC connectivity.
  • How many 2FA devices? Consider two of them, in case one is lost.


Multi-Factor Authentication security key @AMAZON

It might come down to a specific device for a specific company in all too many cases. And some companies don’t even offer it; for example, I could not find any such option on Charles Schwab.

It all looks pretty sucky given that Schwab, Chase, etc all use proprietary tokens. Unless you have a specific use case, the Yubikey doesn't look useful, not in any general way.

Reader Don H writes:

I look into this every few years just to see if there’s been some usability breakthrough that makes it worth pursuing further, but after about three paragraphs of any review my eyes glaze over and I decide I can (continue to) live without it.

I’ll keep on using that crumpled-up Post-It note with all my passwords on it and type them in manually like a mediaeval scribe laboring over a manuscript. (Actually, I use 1Password 6 but I do manually copy and paste the passwords in because I refuse to install any browser extensions to save that step. Keep everything separate…)

MPG: I’m totally OK with a password manager on a desktop computer and a laptop with care, and copy/paste is fine but comes with a danger of leaving the password on the clipboard.

It sure looks like until and unless there is widespread adoption of things like Yubikey, I don’t see a use case for 2FA hardware tokens excepting very specific circumstances such as a brokerage account (eg Charles Schwab) or github, or similar.

* Some years ago PayPal sent me one, one of the old-fashioned battery-powered kind that continually displays the curent PIN code. I ended up never used it because I was traveling a lot, and I was worred about losing it and thus losing access to services I needed. But a further issue was that it was good only for PP.

View all handpicked deals...

Apple 13.3" MacBook Pro M1 Chip with Retina Display (Late 2020, Space Gray)
$1899 $1299
SAVE $600 | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__