👍 #778 – Why ANY Two-Factor Is Better than No Two-Factor at All

As you can imagine I get frustrated when I see people intentionally stepping away from things that would increase their security, particularly if their reasons are flat-out wrong. I share a little of that with respect to two-factor authentication.

Short version: use it. You'll be more secure. Really.

Also this week:

After all this time, my opinion hasn't changed: if and when it works, it's fine, but fundamentally System Restore is not to be trusted.

Flash drives wear out. So what does that mean if you leave one plugged in all the time?

Speaking of walking away from things that make you more secure, headline writers continue to frustrate me when they use scare tactics to get noticed. Here's how they frustrate me.

Have a great week!

Leo

Featured

Why ANY Two-Factor Is Better than No Two-Factor at All

This is an update to an article that originally discussed only SMS two-factor authentication. Since then, two things have happened:

  • An exploit kit was published allowing a phishing attack to hijack a two-factor secured login.
  • Various media declared, “Two-factor has been hacked!”

Unfortunately, these have led some to believe that two-factor authentication is pointless. To quote a reader:  “This makes 2SV quite useless in many cases.”

No. Just … no. That's a seriously mistaken conclusion.

I'm re-visiting this topic yet again because I want to be very clear: two-factor authentication is not useless. In fact, two-factor authentication — SMS-based or otherwise — is significantly more secure than not using two-factor authentication at all.

Continue Reading: Why ANY Two-Factor Is Better than No Two-Factor at All
https://askleo.com/70786

This Week's Articles

Why I Don't Like System Restore

When I go into the System Restore application, it doesn't give me the option to create a restore point; it only allows me to restore to an earlier point and it never creates restore points. Any ideas on what might be wrong or how to fix it?

I'll be honest: I have no answer for your question.

There are many possibilities, the most likely being there is not enough disk space allocated for restore points. In my experience, increasing that may or may not resolve the issue.

System Restore is so difficult to diagnose, and I hear of so many problems and misunderstandings with it, that I now avoid it completely. I turn it off completely. It's not worth it to me.

I'll tell you what I do instead.

Continue Reading: Why I Don't Like System Restore
https://askleo.com/5027

Is It Safe to Leave a Flash Drive Plugged In All the Time?

Some time ago I think I read on your site that flash drives can wear out. Now, I keep my flash drive in all the time because I'm a writer and am always backing things up on the computer and the flash drive, but I dislike having to close the flash drive down, take it out, only to reinsert it again after I take a break or run an errand. And I always leave it in when I run a full system scan because the flash drive will get scanned also.

1. Is it harmful to the flash drive to just leave it plugged in 24/7, even when I put the computer on standby for the night?

2. Why is it necessary to shut the flash drive down before removing it from the computer? Why can't I just pull it out when done?

3. And if I am correct about flash drives wearing out, what wears out? As far as I can tell, they have no moving parts. And at what point should I consider replacing the flash drives I have?

These are very legitimate, but unfortunately very tough, questions to answer.

Flash drives do wear out, absolutely.

But exactly when a flash drive will wear out depends on so many things, it's impossible to give a specific answer. All I can say is “It depends.”

I'll give you some guidelines that I'd follow on using a flash drive, were I in your shoes.

Continue Reading: Is It Safe to Leave a Flash Drive Plugged In All the Time?
https://askleo.com/4224

Why Password Vault Bugs Make Me Cringe

A couple of weeks ago, it was announced that LastPass had a bug that could, in certain circumstances, expose a password to a malicious website.

It makes me cringe, but not for the reasons you might think.

And it doesn't have to be LastPass. I'd cringe in the same unexpected way for most of the bugs discovered in any sufficiently mature password vault.

I cringe because of the predicable, unwarranted, over-reaction.

Continue Reading: Why Password Vault Bugs Make Me Cringe
https://askleo.com/94836

For Ask Leo! Patrons

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons Bronze level & above.

More Ask Leo!

Tech Enthusiast Hour: I'm one of the regular hosts of the weekly Tech Enthusiast Hour podcast! Join us as we discuss the latest news & tech goings on. More information at tehpodcast.com!

Become a Patron
Ask Leo! Books
Facebook - YouTube - More..
Buy me coffee...

Leo's Other Projects....

HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.

Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it.

leo.notenboom.org - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at https://newsletter.askleo.com for their own FREE subscription!

Newsletter contents Copyright © 2019,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC