Hacking two-factor authentication #summerReruns

There are two reasons your Google account will get hijacked. This time, I will focus on the second.

The original article Two reasons your Google account gets Hacked is (at the time of publishing) the second most viewed article on eduGoogDroid for a good reason.

The two reasons were:
  1.  Week Passwords
  2. Phishing
Two solutions are:
  1. Strong Password: Minnum of 10 characters long and at least one of each upper/lower case, symbol, number.
  2. Two-factor Authentication (2FA)
Use both. Here, I will focus on the 2FA problem. Imagine one day you receive a text message:

FROM: (855) 555-5555
Your Google™ account was recently accessed through a malicious attack. To protect your account, please reply to THIS message with a code you will receive in a moment.

But, Google never sent it. It's a way of phishing for 2FA codes. What's the solution to this?
  • Google will not ask for 2FA other than when you're longing in. So, don't answer.
  • Use a different phone number (Google Voice) other than what may be associated with you.
Be Safe!