Quote (Cheetos @ Dec 5 2018 12:42am)
is that how you got this account? :rofl:
haha good 1 man ROFL!1!
Quote (Caulder10 @ Dec 5 2018 08:24am)
hell no
can't use a cellphone where I use a pc so would never be able to get on.
You don't have to use it if you don't want/are unable to.
Quote (FreeUsername @ Dec 6 2018 07:33am)
Its a forum, not a bank.
This kind of backwards attitude really hinders progress.
Quote (ium @ Dec 5 2018 07:10am)
That is very true! Just as much as if someone got
access to your email (which is protected by only one password) they can verify your 2 FA. If you use 2FA on the cellphone you are absolutely protected, but once you
lose your
phone number, then you can just imagine the procedure to
verify that you are the rightful owner of your d2jsp account.
How are people going to guess two passwords without your computer being
compromised? And if your computer is compromised, then they can
steal your web-session and use your account without a password. Which means
a
2FA is useless unless you have a gold password combined OR require it every time you send FG.
Does Google 2-step verification protect user from session hijacking? - Short answer: Yes, the attacker can use session hijacking.
source:
https://security.stackexchange.com/questions/56555/does-google-2-step-verification-protect-user-from-session-hijackingBeyond that, SMS 2FA is horrible, and the wrong way to do it.
Session hijacking is a lot more involved than a simple keylogger, and U2F is one of a few solutions to solve that.
Quote (Caulder10 @ Dec 5 2018 08:24am)
How are people going to guess two passwords without your computer being compromised? And if your computer is compromised, then they can steal your web-session and use your account without a password. Which means
a 2FA is useless unless you have a gold password combined OR require it every time you send FG.
Try recovering your account on JSP.
Literally anyone who has access to your email immediately can reset your account and gold password and it's game over. Your computer doesn't even need to be compromised.
This post was edited by xXZyZXx on Dec 6 2018 09:39pm