return2ozma@lemmy.world to Technology@lemmy.worldEnglish · 2 days agoFeds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’gizmodo.comexternal-linkmessage-square144fedilinkarrow-up1643arrow-down18cross-posted to: news@lemmy.worldinfosecpub@infosec.pub
arrow-up1635arrow-down1external-linkFeds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’gizmodo.comreturn2ozma@lemmy.world to Technology@lemmy.worldEnglish · 2 days agomessage-square144fedilinkcross-posted to: news@lemmy.worldinfosecpub@infosec.pub
minus-squaredan@upvote.aulinkfedilinkEnglisharrow-up1·1 day agoIn case you weren’t aware, Symantec VIP is just TOTP-OATH in a fancy coat. You can extract the secret and use it with any TOTP app. I use Authenticator Pro (now called Stratum) because it’s open-source and has a watch app.
minus-squaresugar_in_your_tea@sh.itjust.workslinkfedilinkEnglisharrow-up2·1 day agoDo you know how to extract it?
minus-squaredan@upvote.aulinkfedilinkEnglisharrow-up3·1 day agoI have this bookmarked from a few years ago, back when PayPal only supported Symantec VIP: https://gist.github.com/jarbro/ca7c9d3eebba1396d53b4a7228575948. I haven’t tried it for a while, but it should still work.
In case you weren’t aware, Symantec VIP is just TOTP-OATH in a fancy coat. You can extract the secret and use it with any TOTP app. I use Authenticator Pro (now called Stratum) because it’s open-source and has a watch app.
Do you know how to extract it?
I have this bookmarked from a few years ago, back when PayPal only supported Symantec VIP: https://gist.github.com/jarbro/ca7c9d3eebba1396d53b4a7228575948. I haven’t tried it for a while, but it should still work.