WingNews logo WingNews
top | item 28229450

(no title)

nezgar | 4 years ago

It's not secure at all, as some services (PayPal!) Allow password reset via SMS to your regitered mobile number. So if someone even has control of your mobile number via sim swap for 5 minutes they gain full control of your paypal acct. Heard of enough incidents of this earlier this year through one of the Canadian prepaid mobile flanker brands...

Paypal makes it hard to remove a mobile number from your account once it's on there too...

If a bank "MUST" have a phone number, I lean towards providing my good ol landline number since in theory thats a "little" harder to instantly take over or port out.

Worthwhile to "test" what it takes to reset a password on your various critical services...

discuss

order

computator|4 years ago

To reiterate what you said, enabling SMS can make your security much worse on some services. It's counterintuitive. Someone taking control of your phone number can make your excellent password irrelevant.

If you must provide a phone number, another tip is to call customer service on your cellular service provider and ask them to put a "port out block" or "port protect" on your account. Before anyone can do a sim swap on your account, they'd have to call the cellular service provider and give a password or PIN. (It's amazing that this isn't the default.)

JamisonM|4 years ago

> Heard of enough incidents of this earlier this year through one of the Canadian prepaid mobile flanker brands..

Please explain, sorry I did not hear about this.