Facebook for iOS and Android Gains Hardware Security Key Support

[dontwalkhand]

I have replaced those little RSA security keys that my bank had with one in an app. Now I’m supposed to go back to these things?

 

[dvanwinkle]

I'm considering a cross-platform solution using NFC so something like FaceID won't work. Thinking of putting a flat Yubikey NFC FOB in my wallet then swipe phone against back pocket or wallet against laptop/desktop whenever I need to authenticate. For now I use Google Voice # for SMS MFA so a little more protected than naked carrier SMS MFA but Yubikey is probably even better.

I have both the YubiKey 5Ci and the 5c NFC. Both are great solutions, but NFC is much easier. Just don’t keep it in the same pocket as your phone.

 

[Cndnmax]

Isn’t this the equivalent of locking up your fridge incase your house gets broken in? If my accounts are being hacked, Facebook doesn’t even make the list of accounts I’d be worried about.

 

[jlc1978]

I understand that you defeat 2FA by using the SMS suggestions with Continuity, hence why I emphasized separate OTP (one-time password) and U2F (physical device) being the best routes. I've seen several sites offer OTP codes to scan or copy and advertise Google Authenticator but there are sooo many better alternatives like Authy.

We're in agreement here' I was commenting on how many people don't realize 2FA is not as secure as it's made out to be.

I used to use Google Voice burners but issues arose when they deemed the numbers inactive and made me generate a new one after a period. But it was a really nice workaround, and it can be a solid practice if you only use Voice on devices you don't login from. I also generally use the least amount of Google services.

Yea, having to use it once a quarter or so is a bit of a pain especially if you never log into the account; I used to just call a number from GV every so often to keep it active.