I get that this is a social engineering angle, but would something like a yubikey help prevent this?
I was scammed once out of my savings. it was one of those basic ass credit card fraudulent transaction scam. Can't believe I've fallen for it. so I'm pretty suspect of calls now.
drrodneymckay_@sh.itjust.works
on 24 Jun 12:13
collapse
In this case with app passwords it would not. App passwords is a feature to basically support less secure software and scenarios. The problem here is password reuse.
App passwords by design are limited to one auth method or source. Imagine a photo copier sending email. If you needed MFA for each copy and to change the password every 30-90 days, it would be a pain. So app password , longer harder password only used for the one place. But people still use easy password that they use elsewhere.
threaded - newest
I get that this is a social engineering angle, but would something like a yubikey help prevent this?
I was scammed once out of my savings. it was one of those basic ass credit card fraudulent transaction scam. Can't believe I've fallen for it. so I'm pretty suspect of calls now.
In this case with app passwords it would not. App passwords is a feature to basically support less secure software and scenarios. The problem here is password reuse.
App passwords by design are limited to one auth method or source. Imagine a photo copier sending email. If you needed MFA for each copy and to change the password every 30-90 days, it would be a pain. So app password , longer harder password only used for the one place. But people still use easy password that they use elsewhere.