• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

False Alarm!

Status
Not open for further replies.
K

Kayant

Member
Ha these threads are always great to see reasonable reasoning and the extreme.
Afrocious said:
that sucks OP

though i think it's silly for people to think a 2 step verification method is a cure all for not getting hacked, that still sucks
Click to expand...
Yh just so people are aware 2FA is not a defensive for bad password practices or mean you account is 100% safe from any attack. 2FA however, add an extra layer that makes your account more secure.
 
F

Floody

Member
idonteven said:
oh god false alarm it seems

logged in on my normal ps4 and everything worked ,went back to the ps4 pro and everything seems fine now


lets hope it was a glitch in the system

this was not a fun thing to experience
Click to expand...

Lol, I'm happy it was just a false alarm. Can't wait for this to be forgotten the next time some makes a "my PSN account has been hacked" and someone make the usual "this is happening every week, Sony's security is shit" comment, when in pretty much every thread since 2FA it's been a mistake or the users fault.
 
Peroroncino

Peroroncino

Member
idonteven said:
oh god false alarm it seems

logged in on my normal ps4 and everything worked ,went back to the ps4 pro and everything seems fine now


lets hope it was a glitch in the system

this was not a fun thing to experience
Click to expand...

almost-caught-val-kilmer-top-secret.gif
 
O

Orin GA

I wish I could hat you to death
Unless the hacker saw this thread, gave you back ownership and now is laying low till you drop your guard!!!
 
styl3s

styl3s

Member
And now people who read this and won't come back to this thread are going to start spreading that 2fa doesn't work, someone was hacked with 2fa etc.

People need to stop jumping the gun on these threads this isn't even the first time a thread about being hacked with 2FA was on ended up being something completely different like having a recurring payment on.
 
A

Aselith

Member
idonteven said:
oh god false alarm it seems

logged in on my normal ps4 and everything worked ,went back to the ps4 pro and everything seems fine now


lets hope it was a glitch in the system

this was not a fun thing to experience
Click to expand...

It's probably a good practice to look into it BEFORE you run to create a thread
 
hemo memo

hemo memo

Gold Member
Kayant said:
Ha these threads are always great to see reasonable reasoning and the extreme.

Yh just so people are aware 2FA is not a defensive for bad password practices or mean you account is 100% safe from any attack. 2FA however, add an extra layer that makes your account more secure.
Click to expand...

Even if your password is 1234 the hacker can't access your account without the code that get send to your phone. Unless he/she managed to hack Sony server to send the code to his/her phone or somehow managed to get a duplicate sim card from your phone company but we're getting into fiction territory here.
 
K

Kayant

Member
hemo memo said:
Even if your password is 1234 the hacker can't access your account without the code that get send to your phone. Unless he/she managed to hack Sony server to send the code to his/her phone or somehow managed to get a duplicate sim card from your phone company but we're getting into fiction territory here.
Click to expand...
How is it fictional when it has happened to several youtubers for example. Yes it's highly unlikely to happen to most people but the attack methods exists. Also things like this microsoft account mishap with Skype or the Steam bug from last year where the bug allowed 2FA to be bypassed are examples of why pulling 100% faith in 2FA and calling it a day aren't guarantees your account is 100% safe.

Using strong unique passwords for every site is still a basic and important security practice.
 
H

Hasney

Member
playXray said:
Can you explain in layman's terms how it is easy to bypass? I tried reading that article but it didn't seem to make much sense.
Click to expand...

Social enhineering mostly, which is how a lot of PSN accounts end up "hacked" (or reusing passwords which have been leaked). Just means they have to do the engineering with your phone company as well as Sony now.

Linus from Linus Tech Tips got comprimised that way.

It's still recommended to be on when it's available as its an extra step. It just not a perfect extra step.
 
Y

Yjynx

Member
Why do I get the feeling that its because OP's own stupidity then blame it on "glitch". No offense though.
 
P

playXray

Member
Hasney said:
Social enhineering mostly, which is how a lot of PSN accounts end up "hacked" (or reusing passwords which have been leaked). Just means they have to do the engineering with your phone company as well as Sony now.

Linus from Linus Tech Tips got comprimised that way.

It's still recommended to be on when it's available as its an extra step. It just not a perfect extra step.
Click to expand...

Thanks for the info. I don't understand how they can intercept the SMS message - do they somehow prevent this coming through entirely, or merely get a copy and act quickly?
 
G

George Claw M.D.

Member
Hasney said:
Social enhineering mostly, which is how a lot of PSN accounts end up "hacked" (or reusing passwords which have been leaked). Just means they have to do the engineering with your phone company as well as Sony now.

Linus from Linus Tech Tips got comprimised that way.

It's still recommended to be on when it's available as its an extra step. It just not a perfect extra step.
Click to expand...
Yeah. Here's a recent article about a big-time Bitcoiner who recently had $millions in Bitcoins stolen via hijacking the phone number associated with 2FA.

https://www.google.com/amp/www.forb...tcoin-using-only-phone-numbers/?client=safari

Ironically, it was easier to hijack multiple of his accounts, since they were all 2FA protected by a single phone number. Just using unique passwords without 2FA would've been more secure in this case. But as someone pointed out above, NIST advises against using SMS for 2FA now. But it's still the easiest 2FA method for most people.
 
N

Natels

Member
This happened to me:

I have 2-step enabled with my phone number. I share the account with a friend, the account uses his email.

He couldn't log in because of the 2-step (he didn't know I had activated it, and I was at work) so he just changed the password and logged in without 2-step.

2-step is still enabled... I find this very weird.

Shouldn't it require 2-step to change the password too?
 
Bog

Bog

Junior Ace
I'm just tired of the text message every morning telling me I have 2-factor set up.
 
T

Transistor

Banned
For those saying SMS is insecure for 2FA, that would be an EXTREMELY targeted attack if someone is going to try to clone your sim so they can get your messages. At that point, if you're being targeted, there's little you can do to protect yourself.

Bog said:
I'm just tired of the text message every morning telling me I have 2-factor set up.
Click to expand...

That means you have an older device, either a PS3 or a Vita, trying to log into your account still.

If it's around the same time every morning, it's probably a PS3.
 
Y

YesManKablam

Member
I had pretty much the exact same thing happen to me this past week with the PS4 no longer being my primary device. I didn't have 2 step turned on however, so I had to change all my info, set that up and then call Sony to allow me to activate my PS4 again.

Fun times.
 
Status
Not open for further replies.

Similar threads

Need some help! Ps5 sluggish, barely working, i cannot save my savegames
21
2K
LoveCake replied
Final Fantasy 7 Remake was well balanced
21
1K
Psychostar replied
Steam Deck convinced me that I‘ll be switching to PC
Opinion 2
85
8K
kurisu_1974 replied
Jason Schreier: An explanation of rumors/reporting/sourcing
Social News Drama 2
57
3K
cormack12 replied
Nvidia has a new graphics Control panel
Analysis 2 3
130
10K
winjer replied
Top Bottom