Why does nobody talk about how 2FA codes are easy to intercept on public WiFi

I was at a coffee shop downtown last Tuesday and overheard two guys talking about how they pull 2FA codes right off the air in busy places. They said most people don't know that SMS codes can be grabbed by a cheap radio setup for under $50. It made me think about how often I log into my bank on public networks without a second thought. I looked into it after and found out that app-based authenticators are way safer because they don't travel over the network. So now I only use Google Authenticator for my accounts, not SMS. Has anyone else switched to app-based codes after learning this?

3 comments

3 Comments

kevin_roberts416d ago

Right? "Can they really snag those from a block away too?" I mean, why stop at a block, let's just hand them a megaphone at that point. Look, if two random dudes in a coffee shop can pull this off for 50 bucks, you gotta wonder how many real hackers are already camping outside banks doing it. I switched to app codes the day I saw a YouTube video of some kid demonstrating it with a Raspberry Pi. It's honestly shocking how little it's talked about, makes you feel kinda stupid for ever using SMS.

rivera.susan6d ago

Wait, can they really snag those from a block away too?

foster.ruby6d ago

Makes you realize how many things we just trust without thinking twice... like the whole system is built on stuff that's way easier to break than they want us to know.