T-mobile getting sued due to alleged cryptocurrency theft

[vanished]

12 hours ago, Fetzie said:

And, if someone explicitly sets up a PIN to control access to a service then the provider should actually require it.

The fact that they can bypass it at will shows the flaw in the system.  It's the difference between encryption where without the key, it's inherently impossible to read the data, and just asking for a password to view, but you could just go around and open it anyway.

[Daniel Monsanto]

On 2/8/2018 at 2:24 AM, KuJoe said:

For anybody out there who uses 2FA on their phone via SMS or phone call, I highly recommend getting a 2nd phone with a different number that you've never used before for your 2FA. Their are phone services out there that don't cost a cent and give you SMS, voice, and data for free with a dedicated phone number.

 

After LMG's stuff got hacked, I went out and got a new phone and phone number for all of my important stuff that is too ignorant to support anything other than SMS.

I travel alot and the main number I have is from a company in a small country where everybody knows everyone, so a lot harder to get numbers ported, especially since that feature doesn't exist with them.

[dalekphalm]

19 hours ago, Ryan_Vickers said:

The fact that they can bypass it at will shows the flaw in the system.  It's the difference between encryption where without the key, it's inherently impossible to read the data, and just asking for a password to view, but you could just go around and open it anyway.

It would be nice if they changed their system to force the service agent to ask for the PIN (preferably in a way that the service agent cannot see or hear what the pin is).

 

Rogers actually does this now, where you type the pin into the phone, and the rep can't see what you typed in, only whether it was successful or not (Unless they memorized touch tone sounds lol)