two-factor authentication Archives

AppWizard

May 16, 2025

Chrome for Android could soon automatically fill verification codes sent via SMS

Google Chrome for Android is set to introduce a feature that will automatically detect and fill two-factor authentication (2FA) codes sent via SMS. This functionality aims to enhance user convenience by eliminating the need for manual copying and pasting of 2FA codes, streamlining the process for users accessing websites through the browser. A screenshot from tipster Leopeva64 suggests this feature will provide a more integrated approach to online security. While SMS-based 2FA is considered less secure than alternatives, this addition could significantly improve the experience for users who rely on SMS for verification.

AppWizard

May 15, 2025

Valve refutes reports of massive Steam hack

Valve addressed concerns about alleged breaches of user data, refuting claims of a significant hack involving Steam account information. The company clarified that reports of leaked two-factor authentication text messages do not indicate any compromise of its internal systems. The source of the leak is under investigation, and it involved older text messages containing one-time codes valid for 15 minutes, without linking phone numbers to Steam accounts or exposing sensitive information like passwords or payment details. Valve emphasized that old text messages cannot compromise account security and that attempts to change account details via SMS will trigger additional confirmation steps. Allegations from Underdark.ai about a dataset containing over 89 million Steam user records are questioned due to the low asking price for the data.

Winsage

May 15, 2025

This hidden Windows 11 feature lets you force an emergency restart — how it works and where to find it

Windows 11 includes an emergency restart feature that serves as a safer alternative to forcefully pressing the power button when a PC is unresponsive, reducing the risk of file corruption and system instability. For installing Windows 11 on unsupported PCs, users should assess hardware compatibility, utilize workarounds, back up data, explore community forums, stay updated on patches, consider hardware upgrades, and familiarize themselves with new features. To enhance security, users should enable two-factor authentication, regularly update software, use strong passwords, install antivirus software, be cautious with email attachments, back up data, and educate themselves about phishing scams.

AppWizard

May 14, 2025

PC gamers urged to change Steam password following breach of 89 million users’ data

Steam is facing a potential data breach that may affect millions of users, reportedly linked to a third-party company associated with Valve, its parent organization. Discussions indicate that Two-Factor Authentication (2FA) data may have been leaked, with a user claiming to sell over 89 million user records on a dark web forum for ,000. Twilio, a company mentioned in connection with the breach, has denied any wrongdoing, stating there is no evidence of a breach on their end. Users are advised to enable 2FA, change passwords, and monitor email accounts for suspicious activity to protect against potential phishing attacks and account takeovers.

Winsage

May 2, 2025

Microsoft Warns Windows Users—Delete Your Password

Microsoft aims to eliminate passwords for a billion users, promoting the use of passkeys that enhance account security by linking it to physical devices. The company warns that password-related attacks are increasing and emphasizes that having both a passkey and a password leaves accounts vulnerable to phishing. On World Password Day, Microsoft encourages users to abandon passwords entirely. The FIDO Alliance supports this initiative with a "Passkey Pledge," highlighting that over 35% of individuals have faced account compromises due to password vulnerabilities. Research shows that 54% of those familiar with passkeys find them more convenient, and 53% believe they offer better security. Microsoft will make new accounts passwordless by default and encourages existing users to remove their passwords. Passkeys are described as easy to use, intuitive, and resistant to phishing. For those who continue to use passwords, Microsoft advises making them long and complex and using authentication apps for two-factor authentication.

AppWizard

April 28, 2025

For Android users: How to secure your Instagram account

Two-factor authentication (2FA) enhances online account security by requiring a second form of verification in addition to a password. To enable 2FA on Instagram, users should: open the app, go to their profile, tap the menu icon, select "Settings," navigate to "Security," and choose "Two-Factor Authentication." Users can receive verification codes via text message or an authentication app. This measure helps protect accounts even if a password is compromised.

AppWizard

April 25, 2025

12 Android apps secretly recorded your conversations

Recent findings from cybersecurity experts at ESET revealed that several Android applications, disguised as harmless tools, have been secretly recording conversations and stealing sensitive data. These malicious apps infiltrated devices through the Google Play Store and third-party platforms, compromising the privacy of thousands of users. One tactic used by cybercriminals involved romantic deception, where victims were coaxed into downloading a seemingly harmless messaging app containing the VajraSpy Trojan, which activated upon installation to record conversations and harvest personal data. The identified malicious apps fall into three categories: 1. Standard Messaging Apps with Hidden Trojans: These apps, including Hello Chat, MeetMe, and Chit Chat, request access to personal data and operate silently in the background, stealing contacts, SMS messages, call logs, device location, and installed app lists. 2. Apps Exploiting Accessibility Features: Apps like Wave Chat exploit Android’s accessibility features to intercept communications from secure platforms, record phone calls, keystrokes, and ambient sounds. 3. Single Non-Messaging App: Nidus, a news app, requests a phone number for sign-in and collects contacts and files, increasing the risk of data theft. The 12 malicious Android apps identified include: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. The first six apps were available on the Google Play Store and had over 1,400 downloads before removal. Users are advised to uninstall these apps immediately to protect their personal data.

Tech Optimizer

April 12, 2025

I abandoned third-party antivirus tools, and here’s what I do instead

The author has transitioned from using third-party antivirus solutions to relying on Windows Security, which is built into Windows 10 and 11, due to its effectiveness and lack of cost. They emphasize the importance of keeping Windows Security updated and performing regular virus scans for added peace of mind. Ransomware protection features, such as Controlled Folder Access, are highlighted as essential. The Microsoft PC Manager app is recommended for optimizing system performance and security. The author advocates for good security hygiene, including avoiding suspicious emails and enabling two-factor authentication, as effective practices to maintain security without third-party antivirus software.

Tech Optimizer

April 10, 2025

6 overlooked security practices I implemented at home and I regret not using sooner

- Safeguarding technology is crucial in the digital age due to potential threats from various devices. - Two-factor authentication (2FA) enhances online account security by requiring a second code sent to a phone, email, or authentication app. - Biometric verification methods and hardware authentication devices like YubiKeys can further enhance security. - Backup codes should be printed when setting up 2FA, and passkeys offer a passwordless solution for securing accounts. - Ransomware can lock users out of data until a ransom is paid, and Windows 10 and 11 have a feature called Controlled Folder Access (CFA) to protect essential folders. - Windows Security provides baseline protection for PCs, and users should regularly check for updates and conduct manual scans. - Microsoft's PC Manager utility enhances system security by offering features for storage and app management alongside virus scanning. - Securing web browsers is vital, with unique settings available in browsers like Microsoft Edge, Firefox, and Chrome to improve privacy and security. - Regularly clearing browsing history and keeping browsers updated helps mitigate risks from malware and phishing attacks. - Securing Wi-Fi routers involves changing the default admin password and SSID, using strong encryption like WPA3, and regularly updating firmware. - Custom firmware like DD-WRT or OpenWrt can enhance router security and functionality.

Winsage

April 5, 2025

Microsoft Confirms Password Deletion For Windows Users—What You Do Now

Microsoft is transitioning away from passwords to enhance security, encouraging users to adopt passkeys. Passkeys are securely stored secrets on a user's device, unlocked through biometrics, PINs, or patterns, making them resistant to phishing and eliminating the need for complex passwords. Users can set up passkeys by signing into their Microsoft account's Advanced Security Options or Security Info, selecting a sign-in method, and following on-screen instructions. Once established, signing in is straightforward, requiring only the chosen authentication method. Microsoft is prioritizing passkeys for new accounts and refining its sign-in logic to improve efficiency, with passkeys being three times faster than traditional passwords. Passkeys can be used across devices and applications that support them, with Windows Hello facilitating authentication.