Authenticator recommendations

[Slav Power]

Two-factor is only necessary for boomers who think changing "Password" to "Password1" keeps them secure. Disable it if you can, and insult the company's founders when they inevitably pop up a friendly mandatory feedback box demanding why you don't want to be secure, friend, we're just trying to help you (looking at you, Stripe).

If you can't turn it off, link it to a hardware token, never a cell phone or computer; something without the ability to track you independently of your use of the service.

I disagree, Two-factor is very important, because if there is a case of your password leaking somewhere, attackers can't do jackshit with it if they don't have the 2FA key. What I can agree on is that 2FA shouldn't be phone number based, as not only is it a privacy concern, YouTubers were getting hacked because of attackers using social engineering to get a hold of their phone number and getting 2FA keys through that way. If the 2FA keys were taken from an app, attackers would have a much, much harder time trying to get them. And keeping them in something like a KeePass database with a strong main password is a very good way to store them safely.

 

[Smaug's Smokey Hole]

Some people prefer not having their entire geographical travel history, speech patterns, text patterns and other metadata used for corporate gain.

Leave it at home when you go out, they already know where you live(am I right?). I leave mine at home all the time, it's no big deal.

I disagree, Two-factor is very important, because if there is a case of your password leaking somewhere, attackers can't do jackshit with it if they don't have the 2FA key. What I can agree on is that 2FA shouldn't be phone number based, as not only is it a privacy concern, YouTubers were getting hacked because of attackers using social engineering to get a hold of their phone number and getting 2FA keys through that way. If the 2FA keys were taken from an app, attackers would have a much, much harder time trying to get them. And keeping them in something like a KeePass database with a strong main password is a very good way to store them safely.

If it's tied to SIM it's no good. Any rogue telly-jannie can wreck your day.

 

[⠠⠠⠅⠑⠋⠋⠁⠇⠎ ⠠⠠⠊⠎ ⠠⠠⠁ ⠠⠠⠋⠁⠛]

Ok Dale Gribble

Dale Gribble's only mistake was not being paranoid enough.

No, i realize the corporations are doing it, but holy shit, just get a fucking flip phone instead of a fucking smartphone

I'd be very interested to see what extra data collection is performed for IMEIs that relate to flip phones vs. smartphones under the zionist occupational government that rules over Americans. Is it just done against flip phone IMEIs, or do they also correlate to Google and Apple accounts and the level of location tracking they have enabled, and perform extra tracking against smartphones where the account used on the phone has the full location tracking disabled? Malicious STK apps will run on iPhones and Galaxies just like they will on flip phones.

I rather suspect they might be too lazy to do the second level of checking, so if you want to be semi-private but still use a cell phone, and you don't want to use really specialized hardward, you'd be better with an old phone with LineageOS and no Google tracking bullshit.

I used to use Keepass2Android, but found KeePassDX's keyboard to be much more superior. Today I've changed my syncing method from using Dropbox to using Syncthing, though I should probably set up some kind of cloud backup too and not rely on local syncing.

Syncthing's pretty sound if you have a few devices going.

There is facility for it to maintain- on one of more devices- historical versions, in a variety of different ways. If you have a trusted device where you think it should be mostly secure against enemy attackers, I would suggest putting the share on which you keep your KeePass files into one of those versioning modes for a few weeks or so to guard against corruption.

 

[Dick Justice]

No, i realize the corporations are doing it, but holy shit, just get a fucking flip phone instead of a fucking smartphone

Flip phones run android now. All you can do is yank the battery when you're not using it or try lineageOS or whatever.