View Single Post
Old 22 Jul 2016, 12:23 AM   #55
Junior Member
Join Date: Apr 2014
Posts: 5
Originally Posted by DumbGuy View Post
Instead of using 2FA via SMS (because of roaming limitations), how about using 2FA via the Google Authenticator app (or similar) on a cheap Android smartphone you buy just for that purpose? You wouldn't need a phone plan & SIM card. And the only time you'd need internet access is via WiFi, initially to download the GA app. After that, you don't need any ongoing internet connection to pull up TOTP codes in GA or similar app. Have PIN/pw lock on the smartphone, and you should be pretty protected.
That is far too complicated. That means unreliable.

Yes, one of my banks made me buy a smartphone, just to load an app, which I use without a SIM, 2-3 times a year. What a pain! Another bank gave away a card reader. Many of us protested at that since they were linking two unlinkables: the internet banking, and the debit card. A principle of security is keeping things separate, and a debit card should be kept under lock and key well away from the internet, and only brought out for cash/store purchases.

Plus, if I travel, I have to carry two gadgets, with all the high probability of loss.

My point is that a phone, or gadget, is the weakest point in security, and is the first to be stolen/lost. It makes no sense at all to link anything to them.
anotheracademic is offline   Reply With Quote