Is Your Mobile Carrier Your Weakest Link? (Krebs on Security)


More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Below are some tips to ensure your mobile device (or, more specifically, your mobile carrier) isn’t the weakest link in your security chain.

For reasons explored more in The Value of a Hacked Email Account, many people become so preoccupied with securing online access to their financial accounts that they overlook or forget the fact that all of those precautions may be moot if hackers can access your email inbox. From that 2013 piece:

“Sign up with any service online, and it will almost certainly require you to supply an email address. In nearly all cases, the person who is in control of that address can reset the password of any associated services or accounts –merely by requesting a password reset email.”