The debate that keeps me up: is two-factor authentication a lifesaver or a trap?

I was at a coffee shop in Seattle about 3 months ago. Guy next to me, older dude, starts telling me his whole story. He said 'I lost access to my email because my phone broke and I couldn't get the 2FA code.' Took him 2 weeks to get back in. But on the other side, I've had friends who got their accounts hacked because they didn't have it on. So which is it really - are we safer with it or are we just adding another way to get locked out? Has anyone else had a nightmare situation with either approach?

3 comments

3 Comments

murphy.aaron26d ago

Read something just last week about this... a security researcher posted that 2FA stops like 99% of automated attacks but it's the targeted ones that break people. Had a buddy who used to work at a big tech company tell me they actually saw cases where people got locked out of their bank accounts because the SIM swapping thing happened to them. That's the part that worries me honestly... you're basically putting all your trust in your phone company not messing up. But then you hear stories about people getting their email wiped out because they had no protection at all. Feels like there's no perfect answer here.

mark43626d ago

Yeah I switched to an authenticator app instead of SMS and havent had a single issue since.

torres.thea26d ago

Oh man, I feel you - I went the authenticator route too, but then I locked myself out of my own email for three days because I dropped my phone in a puddle and forgot to save the backup codes. At this point I'm convinced the hackers are winning and I'm just here to provide comic relief.

-1