undefined | Better HN

0 pointsdx875y ago0 comments

Sounds like an exploit. The article says that some of the accounts were confirmed to have multi-factor authentication enabled.

0 comments

justinmeiners5y ago

> multi-factor authentication enabled

It sure seems like multi-factor auth isn't very helpful, when nearly all hacks have nothing to do with breaking credentials.

Latty5y ago

> when nearly all hacks have nothing to do with breaking credentials.

This seems like a big claim to make. My understanding is that by far the most common reason accounts are compromised is password reuse combined with another site being compromised.

justinmeiners5y ago

Sure, I guess that is a wrong assumption on my part.

Perhaps a better way to word it, is: two factor auth only seems to protect you if all the other parts of site authentication are solid, which rarely seems to be true.

1 more reply

artursapek5y ago

Actually, that proves that it is helpful.

justinmeiners5y ago

How so?

j / k navigate · click thread line to collapse

0 comments

justinmeiners5y ago

> multi-factor authentication enabled

It sure seems like multi-factor auth isn't very helpful, when nearly all hacks have nothing to do with breaking credentials.

Latty5y ago

> when nearly all hacks have nothing to do with breaking credentials.

This seems like a big claim to make. My understanding is that by far the most common reason accounts are compromised is password reuse combined with another site being compromised.

justinmeiners5y ago

Sure, I guess that is a wrong assumption on my part.

Perhaps a better way to word it, is: two factor auth only seems to protect you if all the other parts of site authentication are solid, which rarely seems to be true.

1 more reply

artursapek5y ago

Actually, that proves that it is helpful.

justinmeiners5y ago

How so?

j / k navigate · click thread line to collapse