[SML] Oh great SML mind...
Ray Gibson
booray at gmail.com
Sat Jun 25 00:30:21 UTC 2016
On Jun 24, 2016 4:49 PM, "Jerry Durand via Stagecraft" <
stagecraft at theatrical.net> wrote:
>
>
>
> On 06/24/2016 04:00 PM, Ray Gibson via Stagecraft wrote:
>>
>> Someone who wants to hack your paypal account and sell it on the dark
web would need your password AND your phone -- something that's unlikely to
happen at the same time.
>
>
> Actually, I find that very likely. You browser probably has the password
memorized and sync'd between devices, so someone stealing your phone has
all your passwords AND your phone.
>
This is just as likely as stealing your keys that have your RSA token
attached, except that you can put a lock screen on your phone to prevent
someone from opening your TOTP application or getting your text messages.
One probably shouldn't be saving passwords in their browser either, but
that's just my opinion.
Even if you lose your phone with passwords synchronized and no lock screen,
it can still only be exploited by the person with your phone, not a phisher
and certainly not anyone on the dark web, at least in a reasonable amount
of time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://theatrical.net/pipermail/stagecraft_theatrical.net/attachments/20160624/bf962d26/attachment.html>
More information about the Stagecraft
mailing list