Article <ussvrc.12v0.1@ID-201911.user.individual.net>

Deutsch English Français Italiano
<ussvrc.12v0.1@ID-201911.user.individual.net>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Frank Slootweg <this@ddress.is.invalid>
Newsgroups: comp.mobile.android
Subject: Re: Codes sent by text message
Date: 13 Mar 2024 18:47:02 GMT
Organization: NOYB
Lines: 31
Message-ID: <ussvrc.12v0.1@ID-201911.user.individual.net>
References: <ush35k$2791b$1@dont-email.me>   <usj60d$2odtf$1@dont-email.me> <eaovbkx207.ln2@Telcontar.valinor> <uskdq1$30533$1@dont-email.me> <ehs1ckx25o.ln2@Telcontar.valinor> <uslrfo$3d85i$1@dont-email.me> <slrnuuufkq.2dnu.trepidation@vps.jonz.net> <uso5sl$3t2g9$1@dont-email.me> <usogor$2qg7$1@dont-email.me> <uspj7v$9u60$1@dont-email.me> <dh16ckxstg.ln2@Telcontar.valinor> <1xkfdi6umcwrp.dlg@v.nguard.lh> <uiu6ckxaub.ln2@Telcontar.valinor> <1p9miiflsgdlw$.dlg@v.nguard.lh>
X-Trace: individual.net /cgk91ud6A94vNZT9Di+Lg92bpuI7C5lSz6C7YZ7+G0m/Ho98z
X-Orig-Path: not-for-mail
Cancel-Lock: sha1:6yaCIGTeyFWqckzDRjUeeaGeJk0= sha256:9MjEG/FGkq0SdOeIrZLhIbgX9t/Z+If/sul27ZHgeSk=
User-Agent: tin/1.6.2-20030910 ("Pabbay") (UNIX) (CYGWIN_NT-10.0-WOW/2.8.0(0.309/5/3) (i686)) Hamster/2.0.2.2
Bytes: 2559

VanguardLH <V@nguard.lh> wrote:
[...]

> I resist putting a bank app on my smartphone.  Anyone that has physical
> access could get into my account using the .  My banks app says "Secure
> your account with a 4-digit passcode or biometric on supported devices."
> Sure wish the PIN were longer, like at least 8 digits, and more like a
> password where I can use alphanumeric characters, capitalization, and
> non-alphanumeric characters.  Or to use both a PIN *and* biometrics
> (fingerprint sensor).

  I don't use a bank app on my smartphone either. No need, on-line
banking on my laptop works just fine (with the bank's hardware TOTP
device).

  *If* you use a bank app, of course you don't only have to protect the
bank app with PIN/password/biometrics, but first of all have to protect
the whole phone with PIN/password/biometrics. So your scenario of
"Anyone that has physical access could get into my [bank] account" is a
non-existing one, because physical access does not mean they can get
'in' your phone.

  Of course there is the theoretical scenario of someone getting hold of
your phone while it is still unlocked - for example they grab it from
your hands and run away -, but even in that scenario, any sensitive apps
- such as your bank app - are still protected by their own PIN/password/
biometrics.

  OTOH, if your name is 'Newyana2', *anything* goes! :-)

[...]