I always thought there should be an extra factor for resetting password, like a delay period while website attempts to notify the user via all provided contact information.
the delayed withdraw process in steemit seems to do that.
Thanks for the useful data, I had no idea 2FA can be hacked that easy and used as a weak point at the seam time.
You are viewing a single comment's thread from:
I think one of the issues is that the websites need to strike a balance between those of us who are just plain forgetful, providing fast and convenient services while also providing security. I think there are services that are multiple-authentication that go a bit further that are available as well.
Great point on the delayed withdrawal or the Steemit powerdown. At first a lot of people think this is inconvenient but soon realize that it makes your Steem Wallet much more secure in the event someone attempts to steal your funds.
True, True, 👍 in most cases, those get hacked that are not careful with their security. they must learn from crypro currency community hot to do it.