Comment by emerongi
10 years ago
Swedbank also requires two-factor authentication. You can bypasss this by calling them - they only ask for 1 thing to authenticate you. Two-factor authentication is rather useless if you can just bypass it like that.
10 years ago
Swedbank also requires two-factor authentication. You can bypasss this by calling them - they only ask for 1 thing to authenticate you. Two-factor authentication is rather useless if you can just bypass it like that.
>You can bypasss this by calling them - they only ask for 1 thing to authenticate you.
The domain for my personal site is shared with my family. My father registered the domain and all of the details in the account use his information. I had just created an AWS account and wanted to move the site's DNS to Route53.
I was able to call into the domain registrar and get exactly zero of the details correct, but they pointed the domain to Route53. It was hilarious how bad it was. I used my social, my name, my address, etc., none of which matched the info on file.
Even if I had used my father's info, it (except the social) would have been wrong because we lived overseas on a military base. When your system says Japan and someone from the US is calling, that should set off all sorts of alarm bells.
Yes, and I had no idea they were that easy to bypass on a social level.
Also this CC# generator falls outside of the 2FA scope, also something I asked them about several years ago and received the same reply "it's not our service".
It's scary.