Those general details could span a number of health companies.
The one I use seems to retain expired credit card details, and I have several times requested that they be removed. No luck so far, but they have a new website so they wikll probably just hide them.
Two factor authentication is in addition to your usual account name and password. The idea is that some Russian hacker can't access your account without also having physical access to the PC to generate required passkeys.
Nowadays banks are doing this or something similar, such as sending a text.
If someone nicks your computer with the authenticator app then you go to another computer and access the authenticator with your special password to remove the stolen device from authenticator account.
I prefer this to getting texts with a passkey.
I prefer a proper password manager that keeps the passwords and other routinely provided stuff like you address and the username etc in a fully encrypted database and automatically fills in the form you are looking at and which allows you to select from a list of sites that you log into routinely so you can go there just by clicking that link. And which automatically collects the stuff you fill in with a new site and offers to add it to the database,
That?s why I do that stuff on the iphone with fingerprint or facial recognition, nicking it doesn?t allow anyone to use it.
Both are trivially avoided by using an iphone with fingerprint or facial recognition. Even if it gets smashed completely or say dropped over the side of a boat etc, its trivial to replace it and carry on regardless.
We're thinking along the same lines. You are going a step further, which is good.
I worry that if I were mugged in the street it would be very easy for the mugger to access the phone simply by pressing my finger against the screen. Is that how it works?
1) Assuming you like the iPhone enviroment. I don't. 2) Assuming you trust a 3rd party "cloud" with your data. I don't. 3) Using a phone for 'net access is a PITA compared to a desk top.
Finger print sensor but yes that's how it works, they would have to use one of the fingers the device knows about though. A good guess would be the 1st or maybe index finger on either hand.
They would then have to make sure the device couldn't go back into lock mode, unless they took your finger with them...
My Android takes quite a few scan attempts (more than I'd like) before getting stroppy and wanting another form of authentification. It'll also ask for that "out of the blue" as well.
I do nothing important on my mobile. I don't even bother to lock it. If someone were to steal it I would change my passwords for email and linux logins more or less instantly. I think that would solve 97% of what is stored on it.
Its an innately insecure device. Live with it
In all my instances the authenticator app is on my phone for websites I access via PC.
That wont work when you register a non obvious finger.
And only one of the latest iphones uses fingerprints anyway, the others use facial recognition which is much harder to monster the victim into supplying the normal face print with
It isnt the only smartphone with a reliable fingerprint or facial recognition system that cant be fooled by a thief.
Doesn't have to be a 2rd party backup.
Its actually much easier because the fingerprint or facial recognition is vasty easier to use than a username/password combination.
Android face security *used* to have (I haven't checked of late) a "liveness detector" you could enable as an option. It required the eyes of the face being "scanned" to blink before it would unlock the device.
I messed around with it for a while, but remain to be convinced it's anywhere near as secure as old fashioned passwords with 2FA.
In general, as soon as I read something has been designed to "make logging in easier" I lose interest. It's invariably at the cost of security. By all means *once logged in* make things easier (please do !). But I'm happy with a fairly secure login process.
The Lastpass password manager allows you to add a layer of protection to sensitive sites so that you are re-prompted for the main password when you try to use them.
And that can generate random password for new sites to ensure maximum entropy ...
And with the best systems, it has to be a live finger.
Trivial to use a better system which doesn't.
Bullshit it is with the best fingerprint and facial recognition systems.
Yes, but the original I was replying to says:-
"...remembered as safe and not require signing in subsequently."
which says to me that access from a particular computer (or smartphone maybe) is automatic, without any sort of authentication.
Exactly! :-) Much easier to use to make phone calls (which is what I use mine for, strangely) if there's no lock at all on it. It's a pay-as-you-go phone so there's only maximum of £10 or so of credit for someone to 'steal'.
Surely a decent password *has* to be memorable because otherwise you have to have a written copy somewhere that someone else can find. A password manager doesn't get over this issue because you have to have a memorable password for the password manager.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.