Google enforcing two factor Authentication

[king1]

Just saw an email today that google sent to a client, will be turning on Two Factor authentication by default as of Nov 9.  
Will still be able to disable it for now apparently but will be permanent in due course.  Anyone else seen this?  Haven't had one for my account yet. I can imagine that is going to cause a few people some problems accessing accounts...

[yousnoozeyoulose]

Yay, more hoops to jump through! There was muttering from Google back in May, so they must have pushed on with the changes.

It'll be a fun change for those without smartphones especially, but at this stage I can't imagine there's that many using Google services who aren't connected up. Anecdotally, thanks to all the Covid scanning requirements, people have been buying smartphones just to make their lives a little easier so that should lessen the impact.

Personally, 2FA isn't secure enough, I want 4FA minimum. Trying to log in? Check your smartphone. Trying to check your smartphone? Ring this phone number. Trying to ring a phone number? Open the freezer door twice on your smartfridge followed by one press of the icemaker. Only then will we know it's really you.

[Me+Me]

 Open the freezer door twice on your smartfridge followed by one press of the icemaker.

By that time you will have forgotten what you were doing in the Fridge anyway so grab a beer, or your other fav thirst quencher, and carry on back to the couch !

[Oh_hunnihunni]

I had to do something about Samsung Cloud this past weekend and found the 2 factor business a pain.

If my bank doesn't use it, why the hell is it necessary for my photos?

[Me+Me]

2FA can have it's dangers:

https://thenextweb.com/news/hackers-crac...yndication

I"m currently querying my phone provider with regard to 'sim swapping' and what protocols they have to assist in preventing this happening. I did at one time buy a new sim card, (was having problems and thought the old one might be the cause), and then communicated with the provider and got my old number ported onto the new card. I don't recall the security process involved but obviously for the 'Bad Guys' if they have the right info they can take over your phone - then you're in the Poo in regard to banking apps on the phone in particular. So I'm asking my provider to give me any detail on how/what procedures or process they have in place to prevent this.

[king1]

2FA can have it's dangers:

https://thenextweb.com/news/hackers-crac...yndication

I"m currently querying my phone provider with regard to 'sim swapping' and what protocols they have to assist in preventing this happening.  I did at one time buy a new sim card, (was having problems and thought the old one might be the cause), and then communicated with the provider and got my old number ported onto the new card.  I don't recall the security process involved but obviously for the 'Bad Guys' if they have the right info they can take over your phone - then you're in the Poo in regard to banking apps on the phone in particular.  So I'm asking my provider to give me any detail on how/what procedures or process they have in place to prevent this.

that's an interesting point, but they would need physical access to the the sim card wouldn't they?  
you do have to give a number on the sim card for it to be ported...

But your point is valid, what if i borrowed your phone for five minutes, whipped out the sim, took a quick photo of the number...
I could potentially then ring up pretend to be you and transfer the number to a blank sim...

I think this would be more likely with prepaid phones, surely they would confirm you are the account owner if it was an on account phone

[Me+Me]

2FA can have it's dangers:

https://thenextweb.com/news/hackers-crac...yndication

I"m currently querying my phone provider with regard to 'sim swapping' and what protocols they have to assist in preventing this happening.  I did at one time buy a new sim card, (was having problems and thought the old one might be the cause), and then communicated with the provider and got my old number ported onto the new card.  I don't recall the security process involved but obviously for the 'Bad Guys' if they have the right info they can take over your phone - then you're in the Poo in regard to banking apps on the phone in particular.  So I'm asking my provider to give me any detail on how/what procedures or process they have in place to prevent this.

that's an interesting point, but they would need physical access to the the sim card wouldn't they?  
you do have to give a number on the sim card for it to be ported...

But your point is valid, what if i borrowed your phone for five minutes, whipped out the sim, took a quick photo of the number...
I could potentially then ring up pretend to be you and transfer the number to a blank sim...

I think this would be more likely with prepaid phones, surely they would confirm you are the account owner if it was an on account phone

Well I can't exactly say that detail of physical access might have escaped me.   As I say I switched my number to a newly purchased SIM about a year ago but can't recall the exact procedure.  However this 'SIM hijacking' does apparently happen and that's why I'm enquiring about it with the provider.  I don't want to lose all my hard earnt money from my bank accounts.

[Oh_hunnihunni]

An acquaintance of mine had her sim cloned by her grandson. She finally found out when all the extra charges came home to roost, but funny thing, she never challenged him on it. Just got a new sim. I'd've throttled the lout.

[Me+Me]

An acquaintance of mine had her sim cloned by her grandson. She finally found out when all the extra charges came home to roost, but funny thing, she never challenged him on it. Just got a new sim. I'd've throttled the lout.

Wow.  Cloning is different again because that would mean there are two operational SIMs in existence at the same time with the same number.  Wonder how he did that ?  Needs a large boot up the ***** !!!

[nzoomed]

Just saw an email today that google sent to a client, will be turning on Two Factor authentication by default as of Nov 9.  
Will still be able to disable it for now apparently but will be permanent in due course.  Anyone else seen this?  Haven't had one for my account yet.  I can imagine that is going to cause a few people some problems accessing accounts...

I dont have 2fA and am yet to receive any email

[king1]

Just saw an email today that google sent to a client, will be turning on Two Factor authentication by default as of Nov 9.  
Will still be able to disable it for now apparently but will be permanent in due course.  Anyone else seen this?  Haven't had one for my account yet.  I can imagine that is going to cause a few people some problems accessing accounts...

I dont have 2fA and am yet to receive any email

interesting just been to an appointment and that was the problem... maybe they are being selective about it or introducing it over a period of time