#2fa

c_th1<p>My data protection and privacy overview 2025, for everyone 🔐</p><p>Please share ‼️ :BoostOK: </p><p>As PDF:</p><p><a href="https://cryptpad.digitalcourage.de/file/#/2/file/fQoTfTZJu7LScr1Jus5csQn2/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cryptpad.digitalcourage.de/fil</span><span class="invisible">e/#/2/file/fQoTfTZJu7LScr1Jus5csQn2/</span></a></p><p>&nbsp;<a href="https://digitalcourage.social/tags/DSGVO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DSGVO</span></a> <a href="https://digitalcourage.social/tags/TDDDG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TDDDG</span></a> ( <a href="https://digitalcourage.social/tags/unplugtrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unplugtrump</span></a> )<br><a href="https://digitalcourage.social/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenschutz</span></a> <a href="https://digitalcourage.social/tags/Privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privatsphäre</span></a> <a href="https://digitalcourage.social/tags/sicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sicherheit</span></a> <a href="https://digitalcourage.social/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verschlüsselung</span></a> <br><a href="https://digitalcourage.social/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> <a href="https://digitalcourage.social/tags/WEtell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WEtell</span></a> <a href="https://digitalcourage.social/tags/SoloKey" class="mention hashtag" 
rel="nofollow noopener noreferrer" target="_blank">#<span>SoloKey</span></a> <a href="https://digitalcourage.social/tags/NitroKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NitroKey</span></a> <a href="https://digitalcourage.social/tags/Email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Email</span></a> <a href="https://digitalcourage.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://digitalcourage.social/tags/Pixelfed" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pixelfed</span></a> <a href="https://digitalcourage.social/tags/Massen%C5%B1berwachung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Massenűberwachung</span></a> <a href="https://digitalcourage.social/tags/Leta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Leta</span></a><br><a href="https://digitalcourage.social/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Google</span></a> <a href="https://digitalcourage.social/tags/Metadaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Metadaten</span></a> <a href="https://digitalcourage.social/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WhatsApp</span></a> <a href="https://digitalcourage.social/tags/Threema" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Threema</span></a> <a href="https://digitalcourage.social/tags/Cryptpad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cryptpad</span></a> <a href="https://digitalcourage.social/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a><br><a 
href="https://digitalcourage.social/tags/Hateaid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hateaid</span></a> <a href="https://digitalcourage.social/tags/Cyberstalking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberstalking</span></a> <a href="https://digitalcourage.social/tags/Messenger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Messenger</span></a> <a href="https://digitalcourage.social/tags/Browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Browser</span></a> <a href="https://digitalcourage.social/tags/Youtube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Youtube</span></a> <a href="https://digitalcourage.social/tags/NewPipe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NewPipe</span></a> <a href="https://digitalcourage.social/tags/Chatkontrolle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chatkontrolle</span></a> <a href="https://digitalcourage.social/tags/nichtszuverbergen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nichtszuverbergen</span></a> <a href="https://digitalcourage.social/tags/%C3%9CberwachungsKapitalismus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ÜberwachungsKapitalismus</span></a> <a href="https://digitalcourage.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> <a href="https://digitalcourage.social/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://digitalcourage.social/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> <a href="https://digitalcourage.social/tags/Linux" class="mention 
hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://digitalcourage.social/tags/Matrix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Matrix</span></a> <a href="https://digitalcourage.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mastodon</span></a> <a href="https://digitalcourage.social/tags/Friendica" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Friendica</span></a> <a href="https://digitalcourage.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fediverse</span></a> <a href="https://digitalcourage.social/tags/Mastodir" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mastodir</span></a> <a href="https://digitalcourage.social/tags/Loops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Loops</span></a> <a href="https://digitalcourage.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://digitalcourage.social/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ransomware</span></a> <a href="https://digitalcourage.social/tags/Foss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Foss</span></a> <a href="https://digitalcourage.social/tags/VeraCrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VeraCrypt</span></a> <a href="https://digitalcourage.social/tags/HateAid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HateAid</span></a> <a href="https://digitalcourage.social/tags/Coreboot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Coreboot</span></a> <a href="https://digitalcourage.social/tags/Volksverpetzer" 
class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Volksverpetzer</span></a> <a href="https://digitalcourage.social/tags/Netzpolitik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Netzpolitik</span></a> <a href="https://digitalcourage.social/tags/Digitalisierung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Digitalisierung</span></a> <a href="https://digitalcourage.social/tags/FragdenStaat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FragdenStaat</span></a> <a href="https://digitalcourage.social/tags/Shiftphone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shiftphone</span></a>&nbsp;&nbsp;<a href="https://digitalcourage.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://digitalcourage.social/tags/GrapheneOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GrapheneOS</span></a> <a href="https://digitalcourage.social/tags/CCC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCC</span></a> <a href="https://digitalcourage.social/tags/Mail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mail</span></a> <a href="https://digitalcourage.social/tags/Mullvad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mullvad</span></a> <a href="https://digitalcourage.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> <a href="https://digitalcourage.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuPG</span></a> <a href="https://digitalcourage.social/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a 
href="https://digitalcourage.social/tags/Gaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gaming</span></a> <a href="https://digitalcourage.social/tags/linuxgaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linuxgaming</span></a> <a href="https://digitalcourage.social/tags/Lutris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lutris</span></a> <a href="https://digitalcourage.social/tags/Protondb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Protondb</span></a> <a href="https://digitalcourage.social/tags/eOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eOS</span></a> <a href="https://digitalcourage.social/tags/Enshittification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Enshittification</span></a> <br><a href="https://digitalcourage.social/tags/Bloatware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bloatware</span></a> <a href="https://digitalcourage.social/tags/TPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TPM</span></a> <a href="https://digitalcourage.social/tags/Murena" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Murena</span></a>&nbsp;&nbsp;<a href="https://digitalcourage.social/tags/LiberaPay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LiberaPay</span></a> <a href="https://digitalcourage.social/tags/GnuTaler" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuTaler</span></a> <a href="https://digitalcourage.social/tags/Taler" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Taler</span></a> <a href="https://digitalcourage.social/tags/PreppingforFuture" class="mention hashtag" rel="nofollow noopener noreferrer" 
target="_blank">#<span>PreppingforFuture</span></a><br><a href="https://digitalcourage.social/tags/FediLZ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FediLZ</span></a> <a href="https://digitalcourage.social/tags/BlueLZ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlueLZ</span></a> <a href="https://digitalcourage.social/tags/InstaLZ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InstaLZ</span></a> <a href="https://digitalcourage.social/tags/ThreatModel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatModel</span></a><br><a href="https://digitalcourage.social/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FLOSS</span></a> <a href="https://digitalcourage.social/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UEFI</span></a> <a href="https://digitalcourage.social/tags/Medienkompetenz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Medienkompetenz</span></a></p>
War on the Castle, Peace in the Valley🛡️🍉🇵🇸 🏳️‍🌈Cybersecurity for Activists hit #1 Best Seller in Online Safety and Privacy. Thanks to those who purchased. Let's keep the ball rolling. Because Big Brother is not just watching. Bug Bounty: For anyone who points out a factual error I will donate a copy to a student. #SurveillanceState #Cellebrite #NoviSpy #ZeroDayExploit #DataPrivacy #ActivistsUnderAttack #PrivacyMatters #DigitalSecurity #EndTheCreep #Totalitarianism #SurveillanceCapitalism #DigitalRights #TechForGood #KnowYourRights #StaySafe #PhoneHacking #Spyware #ZeroDay #Resistance #ProtectYourData #cybersecurity #Fascism #TeslaTakedown #Indivisible #activism #DigitalSecurity #digitalsecuritymatters #cybersecuritycondor #MAGAfascism #Trumpfascism #stopthefascistcreep #stopMAGA #StopElon #fElon47 #felon45 #resist #shepersisted #news #books #booktok #meta #2fa
ksp1968<p><span class="h-card" translate="no"><a href="https://norden.social/@pink" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pink</span></a></span> <span class="h-card" translate="no"><a href="https://social.nitrokey.com/@nitrokey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nitrokey</span></a></span> <br><a href="https://norden.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://norden.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://norden.social/tags/token" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>token</span></a> <a href="https://norden.social/tags/neuhier" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>neuhier</span></a> <br>Experience report on 2FA FIDO2 login on an instance, in my case norden.social. Under Settings-&gt;Account-&gt;2-factor authentication you can make your login more secure. Once you have set up 2FA authentication, you can also set up FIDO2. I have 2 such FIDO2 tokens and have set up both, and I now log in with them. @norden.social: Is there a step-by-step guide for beginners on this?</p>
BLACKVOID ⚫️<p>Love the new <span class="h-card" translate="no"><a href="https://threads.net/@ghost/" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ghost</span></a></span> 5.118 update that came with <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> verification feature for staff members! (finally)</p><p><a href="https://ghost.org/changelog/2fa/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ghost.org/changelog/2fa/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://mastodon.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://mastodon.social/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a></p>
ksp1968<p>Hi <a href="https://norden.social/tags/neuhier" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>neuhier</span></a> <br>I have a <a href="https://norden.social/tags/Nitrokey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nitrokey</span></a> Pro as a USB dongle. Do you have experience with <a href="https://norden.social/tags/totp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>totp</span></a> <a href="https://norden.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> ?<br>I would like to use my dongles to log in to my account @norden.social. But I have kept my hands off it so far. I have no experience with it. Except with <a href="https://norden.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a>.<br><a href="https://norden.social/tags/neuhier" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>neuhier</span></a> <a href="https://norden.social/tags/totp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>totp</span></a> <a href="https://norden.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://norden.social/tags/nitrokey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nitrokey</span></a> <a href="https://norden.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a></p>
Radio Azureus<p>There are different articles floating on the internet of people who've experienced the same as I have. For no reason, without any warning, you cannot uninstall authy anymore on your device.</p><p>If you do a few things will happen; one of them is that after installation it will not allow you to get an SMS from your mobile phone, or it will allow that, but you will not be able to add any new accounts.</p><p>In either case the program has become worthless and you will get no warning ⚠️ </p><p><a href="https://mastodon.social/tags/Authy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authy</span></a> <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a></p>
Radio Azureus<p>Have you started migrating your authy MFA 2FA accounts to open source MFA clients?</p><p>¡¿No?!</p><p>Please start asap. The company has quietly been changing things with this important program and since they do not allow you to export your accounts easily, you will be in a situation where you have to systematically migrate the most important account you have to open source clients</p><p>At a certain point authy will stop working even on your new Androids without explanation no **fucks given**</p><p><a href="https://mastodon.social/tags/Authy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authy</span></a> <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a></p>
Terence Eden<p>🆕 blog! “That's Not How A SIM Swap Attack Works”</p><p>There's a disturbing article in The Guardian about a person who was on the receiving end of a successful cybersecurity attack.</p><p>EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did …</p><p>👀 Read more: <a href="https://shkspr.mobi/blog/2025/04/thats-not-how-a-sim-swap-attack-works/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">shkspr.mobi/blog/2025/04/thats</span><span class="invisible">-not-how-a-sim-swap-attack-works/</span></a><br>⸻<br><a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/sim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sim</span></a></p>
Terence Eden’s Blog<p><strong>That's Not How A SIM Swap Attack Works</strong></p><p><a href="https://shkspr.mobi/blog/2025/04/thats-not-how-a-sim-swap-attack-works/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">shkspr.mobi/blog/2025/04/thats</span><span class="invisible">-not-how-a-sim-swap-attack-works/</span></a></p><p>There's <a href="https://www.theguardian.com/money/2025/apr/15/ee-was-unapologetic-after-i-tried-to-stop-a-sim-swap" rel="nofollow noopener noreferrer" target="_blank">a disturbing article in The Guardian</a> about a person who was on the receiving end of a successful cybersecurity attack.</p><blockquote><p>EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did so immediately. Twenty-four hours later, my mobile stopped working and money was withdrawn from my bank account.</p><p><strong>With their alien sim, the ­fraudster infiltrated my handset and stole details for every account I had.</strong> Passwords and logins had been changed for my finance, retail and some social media accounts. </p></blockquote><p>(Emphasis added.)</p><p>I realise it is in the consumer rights section of the newspaper, not the technology section, and I dare-say some editorialising has gone on, but that's <em>nonsense</em>.</p><p>Here's how a SIM swap works.</p><ol><li>Attacker convinces your phone company to reassign your telephone number to a new SIM.</li><li>Attacker goes to a website where you have an account, and initiates a password reset.</li><li>Website sends a verification code to your phone number, which is now in the hands of the attacker.</li><li>Attacker supplies verification code and gets into your account.</li></ol><p>Do you notice the missing step there?</p><p>At no point does the attacker "infiltrate" your handset. 
Your handset is still in your possession. The SIM is dead, but that doesn't give the attacker access to the phone itself. There is simply <strong>no way</strong> for someone to put a new SIM into their phone and automatically get access to your device.</p><p>Try it now. Take your SIM out of your phone and put it into a new one. Do all of your apps suddenly appear? Are your usernames and passwords visible to you? No.</p><p>There are ways to transfer your data from an <a href="https://support.apple.com/en-gb/HT210216" rel="nofollow noopener noreferrer" target="_blank">iPhone</a> or <a href="https://support.google.com/android/answer/13761358?hl=en" rel="nofollow noopener noreferrer" target="_blank">Android</a> - but they require a lot more work than swapping a SIM.</p><p>So how did the attacker know which websites to target and what username to use?</p><p><strong>What (Probably) Happened</strong></p><p>Let's assume the person in the article didn't have malware on their device and hadn't handed over all their details to a cold caller.</p><p>The most obvious answer is that the attacker <em>already</em> knew the victim's email address. Maybe the victim gave out their phone number and email to some dodgy site, or they're listed on their contact page, or something like that.</p><p>The attacker now has two routes.</p><p>First is "hit and hope". They try the email address on hundreds of popular sites' password reset page until they get a match. That's time-consuming given the vast volume of websites.</p><p>Second is targeting your email. If the attacker can get into your email, they can see which sites you use, who your bank is, and where you shop. They can target those specific sites, perform a password reset, and get your details.</p><p>I strongly suspect it is the latter which has happened. The swapped SIM was used to reset the victim's email password. Once in the email, all the accounts were easily found. 
At no point was the handset broken into.</p><p><strong>What can I do to protect myself?</strong></p><p>It is important to realise that <a href="https://shkspr.mobi/blog/2024/03/theres-nothing-you-can-do-to-prevent-a-sim-swap-attack/" rel="nofollow noopener noreferrer" target="_blank">there's nothing you can do to prevent a SIM-swap attack</a>! Your phone company is probably incompetent and their staff can easily be bribed. You do not control your phone number. If you get hit by a SIM swap, it almost certainly isn't your fault.</p><p>So here are some practical steps anyone can take to reduce the likelihood and effectiveness of this class of attack:</p><ul><li>Remember that <a href="https://shkspr.mobi/blog/2020/03/its-ok-to-lie-to-wifi-providers/" rel="nofollow noopener noreferrer" target="_blank">it's OK to lie to WiFi providers</a> and other people who ask for your details. You don't need to give someone your email for a receipt. You don't need to hand over your real phone number on a survey. This is the most important thing you can do.</li><li>Try to hack yourself. How easy would it be for an attacker who had stolen your phone number to also steal your email address? Open up a private browser window and try to reset your email password. What do you notice? How could you secure yourself better?</li><li>Don't use SMS for two-factor authentication. If you are given a choice of 2FA methods, use a dedicated app. If the only option you're given is SMS - contact the company to complain, or leave for a different provider.</li><li>Don't rely on <a href="https://bsky.app/profile/scientits.bsky.social/post/3lmz2zaxkf22k" rel="nofollow noopener noreferrer" target="_blank">setting a PIN for your SIM</a>. 
The PIN only protects the physical SIM from being moved to a new device; it does nothing to stop your number being ported to a new SIM.</li><li>Finally, realise that professional criminals only need to be lucky once but you need to be lucky all the time.</li></ul><p>Stay safe out there.</p><p><a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://shkspr.mobi/blog/tag/2fa/" target="_blank">#2fa</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://shkspr.mobi/blog/tag/cybersecurity/" target="_blank">#CyberSecurity</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://shkspr.mobi/blog/tag/mfa/" target="_blank">#MFA</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://shkspr.mobi/blog/tag/security/" target="_blank">#security</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://shkspr.mobi/blog/tag/sim/" target="_blank">#sim</a></p>
Peter Kraume :typo3:<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@LimeSurvey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>LimeSurvey</span></a></span> The new <a href="https://phpc.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> with <a href="https://phpc.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiKey</span></a> doesn't work well in combination with <span class="h-card" translate="no"><a href="https://1password.social/@1password" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>1password</span></a></span> and the auto submit feature. Why didn't you implement <a href="https://phpc.social/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebAuthn</span></a>?</p>
Fedi.Tips<p>If you want to add extra security to your Mastodon account, you can optionally use "Two-Factor Authentication" (2FA). When you have this feature activated, even if someone else finds out your password they will be unable to log into your account.</p><p>There is a complete guide to activating 2FA on Mastodon here:</p><p>➡️ <a href="https://fedi.tips/using-two-factor-authentication-2fa-on-mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fedi.tips/using-two-factor-aut</span><span class="invisible">hentication-2fa-on-mastodon</span></a></p><p>This guide also answers lots of common questions about two-factor authentication 🙂 </p><p><a href="https://social.growyourown.services/tags/FediTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FediTips</span></a> <a href="https://social.growyourown.services/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mastodon</span></a> <a href="https://social.growyourown.services/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://social.growyourown.services/tags/TwoFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TwoFactorAuthentication</span></a></p>
katzenjens<p>Cookie theft... 😬<br><a href="https://www.youtube.com/watch?v=pSdu6iW878E" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=pSdu6iW878</span><span class="invisible">E</span></a><br><a href="https://social.tchncs.de/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.tchncs.de/tags/cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookies</span></a> <a href="https://social.tchncs.de/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a></p>
CryptGoat<p><a href="https://fedifreu.de/tags/Kleinanzeigen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kleinanzeigen</span></a> really should urgently introduce mandatory <a href="https://fedifreu.de/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a>. While looking for a processor, I had almost 10 scam listings removed, for which obviously hijacked old accounts with good ratings were used. It's a plague...</p><p><a href="https://fedifreu.de/tags/EbayKleinanzeigen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EbayKleinanzeigen</span></a></p>
Pseudo Nym<p>Hey <span class="h-card" translate="no"><a href="https://infosec.exchange/@Bugcrowd" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Bugcrowd</span></a></span> how come one had to reset password to add 2FA? "You must reset your password" emails usually imply a breach, but your support folks say it's just because you decided everyone needed to add <a href="https://mastodon.online/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a>. Which, I can respect, but why would that require a password reset?</p><p>800-53 suggests against password resets unless there is evidence of a breach.</p>
Linux Is Best<p><span>On the topic of 2FA (2nd factor authentication), I really do need to find an alternative that:<br><br>1) Is a cloud-based sync service, but can also run locally<br>2) Does not require you to set up on your own server<br>3) Can be used on multiple devices<br>4) Is not limited to specific hardware.<br>5) Can export and import if needed.<br>6) Outside US Jurisdiction <br><br>If I seem to be repeating my requirements, it is because there are so many unhelpful people, who believe they are being helpful, by ignoring all those requirements. - I said, what I said.<br><br></span><a href="https://mk.absturztau.be/tags/2FA" rel="nofollow noopener noreferrer" target="_blank">#2FA</a> <a href="https://mk.absturztau.be/tags/2ndFactorAuthentication" rel="nofollow noopener noreferrer" target="_blank">#2ndFactorAuthentication</a> <a href="https://mk.absturztau.be/tags/Security" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mk.absturztau.be/tags/InfoSec" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://mk.absturztau.be/tags/InformationSecurity" rel="nofollow noopener noreferrer" target="_blank">#InformationSecurity</a></p>
Terence Eden<p>🆕 blog! “FobCam '25 - All my MFA tokens on one page”</p><p>Some ideas are timeless. Back in 2004, an anonymous genius set up "FobCam". Tired of having to carry around an RSA SecurID token everywhere, our hero simply left the fob at home with an early webcam pointing at it. And then left the page open for all to see.</p><p>Security expert Bruce…</p><p>👀 Read more: <a href="https://shkspr.mobi/blog/2025/04/fobcam-25-all-my-mfa-tokens-on-one-page/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">shkspr.mobi/blog/2025/04/fobca</span><span class="invisible">m-25-all-my-mfa-tokens-on-one-page/</span></a><br>⸻<br><a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://mastodon.social/tags/Satire" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Satire</span></a>(Probably) <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
cacu<p>👉🏽 Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies 👈🏽 </p><p><a href="https://blog.quarkslab.com/technical-dive-into-modern-phishing.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.quarkslab.com/technical-d</span><span class="invisible">ive-into-modern-phishing.html</span></a></p><p>A technical exploration of modern phishing tactics, from basic HTML pages to advanced MFA-bypassing techniques, with analysis of infrastructure setup and delivery methods used by phishers in 2025.</p><p><a href="https://todon.nl/tags/pishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pishing</span></a> <a href="https://todon.nl/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://todon.nl/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://todon.nl/tags/maliciousinfrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>maliciousinfrastructure</span></a> <a href="https://todon.nl/tags/maliciousemal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>maliciousemal</span></a> <a href="https://todon.nl/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a></p>
Yazad<p>Is it a good idea to back up your Authenticator app like Microsoft Authenticator? Or is it a security concern?</p><p>Context: I need to switch phones and I would like to avoid manually switching my 2FA to the other phone.</p><p>(I’m not looking for advice on the best 2FA physical token or app, I’m only looking for advice on whether backing up and subsequently restoring the Authenticator app has any security concerns while switching phones)</p><p>Thank you.</p><p><a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://techhub.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a></p>
Expertenkommision Cyberunfall<p>What is very <a href="https://mastodon.social/tags/verd%C3%A4chtig" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>suspicious</span></a>:</p><p>Whenever I enter a <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> code on the numeric keypad, the <a href="https://mastodon.social/tags/Nummern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>numbers</span></a> are chosen so "<a href="https://mastodon.social/tags/zuf%C3%A4llig" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>randomly</span></a>" that I never have to skip more than 1 key to enter the <a href="https://mastodon.social/tags/Code" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>code</span></a> completely!1!eleven!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://suya.place/users/bogdan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>bogdan</span></a></span> anything that mandates <a href="https://infosec.space/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> and doesn't provide <a href="https://infosec.space/tags/TOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TOTP</span></a> or <a href="https://infosec.space/tags/HOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HOTP</span></a> support as per <a href="https://infosec.space/tags/RFC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RFC</span></a> but demands something like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> that are <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> should be outlawed.</p><ul><li>I can accept <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>-based 2FA as a compromise...</li></ul>