In the last hour, I’ve used my phone to take pictures of my teenagers, spy on my dogs while I was out of the house, pay my electric bill and watch a funny video. Then, while buying some new dish towels (yet another use), I used my phone as an identity document without even realizing it — and I may have increased my cell phone security risk at the same time.
Why Cell Phone Security Matters at Work
Because I forgot my password to the online store, I had to reset my password. When they sent a code to my cell phone for multifactor authentication, I clicked on the link without a second thought. I clicked on it and went on my merry way to buy the new towels. While I’ve been a long-time fan of two-factor authentication because research shows it reduces attacks, especially credentials and brute force attacks, I recently learned that the process has some downsides. By clicking on the link, I used my phone to verify my identity. That allowed the company to tie my phone to the account, which creates a risk.
As long as I don’t change my phone number, it’s not much of an issue. But if I do change my number, it will eventually be assigned to someone else. That someone could take over my accounts. A recent study by Princeton University found that 100 of the 259 phone numbers they tested had linked login credentials on the internet, and that mobile carriers have weaknesses that make recycled numbers vulnerable. You may think that you’d eliminate the risk by wiping your ..
Support the originator by clicking the read the rest link below.
