Fewer than 100 Steam users had the games installed, but Valve is adding a new SMS verification step for all developers to try to prevent it from happening again.
  • ahriboy@kbin.social
    53·
    3 years ago

    And SMS messages can be intercepted. Not a good option, use physical security keys instead!

    • TWeaK@lemm.eeEnglish
      7·
      3 years ago

      Even authenticator apps are generally better than SMS.

      One thing no one talks about with SMS verifications, though, is that it frequently confirms your phone number to the business you’re giving it to. If they’re in the habit of trading user data, this makes the data much more valuable. I think this is the real reason for many businesses that push for it, when normally they could hardly care less about user security.

          • LoafyLemon@kbin.social
            2·
            3 years ago

            RCS is a replacement for SMS, used by the majority of mobile carriers in Europe, Northern America, and Asia. It is used by default in all supported regions.

                  • LoafyLemon@kbin.social
                    1·
                    3 years ago

                    It’s not surprising if you haven’t come across the rollout of RCS. Google developed this feature as a replacement for the less secure SMS standards and aimed for a seamless implementation without causing user disruptions. This could be a rare instance where we commend Google for a change that benefits users, not just their bottom line.

    • LoafyLemon@kbin.social
      2·
      3 years ago

      Only if you have the access to the same mast, otherwise no. This vastly reduces the number of attack vectors.