Don't use SMS codes as your two-factor authentication method; use an app like "Google Authenticator" on your phone instead. Why? Because of SIM-swapping.
People nowadays rely heavily on their online presence: in today’s world, your e-mail, Facebook, TikTok or Instagram account has become part of your identity. So, you’ll want good passwords for your accounts, and an extra layer of security provided by two-factor authentication (2FA). But don’t use SMS for that!
You definitely want to use two-factor authentication (2FA) on at least all your important online accounts (e-mail, Facebook, website, etc.). This means that in addition to using a strong password (do use a password manager), you also have to show that you are in physical possession of your phone (usually) or some other device (newer: security keys).
SMS is the basic (but outdated) way of doing 2FA. You get a code through SMS when you try to sign in from another device.
However, as this episode of the Perfect Scam podcast on the multi-million SIM swapping business demonstrates, there is no way to safeguard oneself against SIM-swapping (though I do suspect it is less likely to happen in Switzerland than in the USA).
Do listen to this podcast, and to other episodes of “A Perfect Scam”. It’s really a great way to become familiar with the kinds of bad actors a normal person can encounter today, and how they operate.
A couple of extra tips:
- your e-mail can be used to reset all your social media accounts, so it should be extra secure
- in addition to making sure you don’t use SMS for 2FA, make sure it is not possible to reset your account password by receiving a code or link by SMS
- use an authenticator app on your phone like Google Authenticator
- make sure to print out the backup codes which will allow you to access your account if ever you’re locked out, and store them in a safe place.
Stay informed and stay safe!