general

stay private and prevent spam with these simple services

you have to sign in for every service online. with 10minutemail.com you don’t need to provide your own/private mail account; it creates a valid random account for about (for sure) 10 minutes. the provider explains:

sign up for a site which requires that you provide an e-mail address to send a validation e-mail to. And maybe you don’t want to give up your real e-mail address

check out https://10minutemail.com

the same as for mail is also available for sms: you don’t have to provide your personal phone number, e.g. send any verification code to one of the freely available numbers

try it: https://www.receive-sms-online.info/

security

switch to modern authentication – sms as second factor is insecure

not only since twitter ceo jack dorsey was a victim with additional sms authentication activated for his account – twitter has now “temporarily” disabled the ability to tweet via sms

…that phone numbers and sms’s were not designed to be used as two-factor authentication systems, as they are insecure.

Fabio Assolini, Senior Security Researcher at Kaspersky Lab, TechRadar Middle East

sim swapping is a technique of porting the same number to a new sim card belonging to someone else. instead, use features like oauth (already developed in 2006) – modern uem solutions or casb take care of this by checking additional properties, like managed apps or encrypted devices > further secure alternatives below

multi-factor authentication

the most used passwords are still “12345” and “password”; keep your private data as safe as enterprises do

secure authentication needs to be smart

sms

short message service is the most convenient second factor, but sms is insecure and can be intercepted – major us carriers are working together on a next-gen ‘mobile authentication platform’ to replace the weak sms system

mobile id

is a more secure service, based on certificates and secured with a separate pin – a special sim needs to be provided by the carrier @mobileid

id card

electronic id function of the german passport to securely authenticate at public services, insurances or banks – registered to you and secured with a pin – you need a card reader or app @personalausweisportal

oath

is an open standard that allows strong authentication of all users on all devices – no code needs to be sent, so none can be intercepted with a man in the middle (mitm) attack; the code is calculated in an app – get the code right on your smartwatch or back up your accounts with andotp

update: since ios12 and macos 10.14 it is possible to configure oauth in the exchange payload via emm, read the details at: apple’s configuration profile reference

pointsharp

provides secure login with multi-factor authentication to enterprise alliances or cloud services – use a pointsharp password for mobile services, instead of windows accounts – log in with scratch cards, hardware token, smartwatch, biometrics or one-time pin

fido

review here

an alliance to provide a passwordless experience and a secure second factor – a hardware device ensures the trust of identity @fidoalliance.org

microsoft announced “password-less sign-in to windows 10 & azure ad using fido2” @blog.microsoft

cloud

casb (cloud access security broker) checks access based on security policy in front of a cloud service

iam (identity access management) manages user identities centrally and provides role-based access

emm alone can’t prevent users from accessing cloud services via unmanaged apps or browsers. neither iam nor casb have the visibility or ability to allow or deny access to a cloud service based on the state of the mobile device or application. @mobileiron

be safe – review here for a list of websites and whether or not they support 2fa

no excuses anymore