2.5 Admins

2.5 Admins 163: Two Factors One SPOF

Oct 5, 2023

This podcast explores the consequences of a network breach caused by Google Authenticator. It discusses the vulnerabilities of the app and suggests an alternative. The hosts also delve into TV setups and streaming services, comparing different approaches for a convenient viewing experience. Additionally, they recommend Collide for device compliance and advise against unreliable external hard drive brands.

28:30

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Choosing security solutions based on your threat model is crucial to avoid breaches like the one caused by Google Authenticator.

Evaluate the value of what you are securing and select appropriate security measures, such as paid services or work-specific authenticators.

Deep dives

Google Authenticator and Network Breaches

One company's network breach became worse due to Google Authenticator. The compromise of a customer support system led to attacks on 27 cryptocurrency industry customers. The attacks were initiated when a retool employee clicked on a phishing link in a text message claiming to be from the company's IT team. The compromised employee provided both a password and a temporary one-time password from Google Authenticator. Google Authenticator is not securely synced via the cloud, making it vulnerable if a Google account is compromised.

Introduction

2min

Google Authenticator Security Vulnerabilities and Offie as an Alternative

9min

TV Box Setups and Streaming Services

7min

Device compliance and recommendations for external hard drives

5min

Choosing the Right Hard Drives for Different Needs

5min

A network breach teaches us all a valuable lesson about threat models, Allan and Jim’s TV setups, and picking the right external storage solution.

Plugs

Support us on patreon

News/discussion

How Google Authenticator made one company’s network breach much, much worse

Amolith’s wiki page about passwords

Feedback

Allan’s TV remote control

Free Consulting

We were asked about picking the right external storage solution.

Kolide

Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a

See our contact page for ways to get in touch.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

2.5 Admins

2.5 Admins 163: Two Factors One SPOF

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Google Authenticator and Network Breaches

Choosing Security Solutions and Threat Models

Creating a Personal Media Center

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

2.5 Admins

2.5 Admins 163: Two Factors One SPOF

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Google Authenticator and Network Breaches

Choosing Security Solutions and Threat Models

Creating a Personal Media Center

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights