Rob Braxman is WRONG about 2FA. Here's why.

Rob Braxman, a self-proclaimed cybersecurity expert, recently released a video saying that 2FA is a scam. But, is it really? Or was this bold statement made to get more clicks? Watch as I react to Rob's video and find out whether or not his claims are legitimate.

If you care about your personal security and privacy online, download my free security checklist here:

🔹🔹🔹What You Should Watch Next🔹🔹🔹

We've got a lot of great privacy- and security-related content here on the All Things Secured YouTube channel (although we admit we're a bit biased). If you're wanting to increase your online cybersecurity, here's what's next:

🔹🔹🔹Help Support All Things Secured (Recommended Services)🔹🔹🔹
If you enjoy this kind of practical security and privacy content, one of the best ways you can help support this channel is by using these affiliate links to our favorite products and services. When purchasing through these links, you not only get the best available deal, the companies will also pay us a small commission. Thank you for your support!

*********************
Video Timestamps
*********************
0:00 - Is 2FA really a scam?
1:00 - Disclaimer: I am NOT a Security Expert
1:56 - Rob's Definition of 2FA
2:39 - Rob's Idea of a Safe 2FA
3:17 - Can 2FA be harmful?
5:39 - Lesson 1: 2FA is NOT a Scam
6:02 - Lesson 2 - Use a 2FA Key
6:21 - Lesson 3 - Consider Separation of Powers
6:50 - Final takeaway: Be skeptical of anybody giving advice online.
*********************

Two-factor authentication is far from perfect, but it's definitely not a scam. So, if you have the option to enable 2FA in your account, I recommend you do it. Rob's video is a good example of why you should be skeptical of anybody giving advice online, and that includes me. Make sure you also do your own research!

#robbraxman #2fa #yubikey
Comments

I watched Rob's original video a while ago and it was clear to me he was talking about using a phone number for 2fa. It's a way for big tech to get your phone number.

huckleberryfinn

I'm against 2FA, not because of security risks or because of privacy risk, but risk of single point of failure. I don't want phone companies or governments blocking me from access to something that I could otherwise have provable access to. 2FA is definitely 100% not provable access. You have to be "good" with whatever authority controls the phone number. Not worth it for some people.

TimJSwan

He never said it was a scam. He shows how big Corp uses it in an evil way to link you as a real person to all your digital activities.
He even states more than once that in a cybersecurity aspect, it’s a great method. He’s referring to a PRIVACY aspect.

JQS

I like you and Rob. I think many misunderstand Rob's comments. He does explain what he means by being a scam and you basically concurred that most of the 2FA is a scam. By scam, meaning a tool for them to cross reference you to various devices and/or accounts. You both agreed that devices like YubiKey or my favorite, OnlyKey, are not dependent on Google, Apple, etc. knowing who you are and what devices you have on their app.

halliard

Rob is very knowledgeable, but viewers should not forget that he is also trying to sell you his security and privacy products. So there might be some bias.
Personally, I have learned a lot from watching his videos, but I have not bought anything from him. He raises privacy/security awareness, and that is a good thing.

andreasplosky

Ok, not even 10 seconds into the video and already you are wrong. Rob did not say "ALL" 2fa was a scam. He said that you should use 2fa that does not require you to give up your personal phone number.

trexter

I'm glad you are addressing this. I've seen Rob's videos and scratched my head. We must challenge all things and stay alert and skeptical to ensure we follow the path of best practices.

SeanMMcCormack

I picked up pretty quick he was over sensationalising the issue so clicked on the 3 dots in the recommended videos on the right next to his video and picked "Do not recommend his channel"...

PubRunner

As a cybersecurity student I really love your video, especially when you explained "I'm not an expert, don't trust me" ... Oh god thanks!

EverNaughty

Maybe you should have had a conversation with Rob before pulling the trigger on your click-bait video and calling out someone else who by your own admission do not know and more than likely don't understand! Where does Rob say he uses Gmail? Get your facts straight before falling for peer pressure/ putting the cart before the horse video creation.

BillOldsen

"you also have the option to use authenticator apps and security keys". Wrong, most banks don't give you this option but force you to use SMS messages and lose your privacy. It's an excuse to get more data on you and opens you up to SIM jacking frauds which actually reduces your security.

tobykelsey

I wouldn't say 2FA is a scam but it is vulnerable. SIM Swap Attacks are real and I believe there are SIM Copies out there as well, when you or I receive a 2FA code so does the person trying to steal your identity. They basically get a text when you do. And most likely have access to your financials. It's crazy what hackers can do.

ronniehigginson

Great video Josh! Glad you made this as I do trust your knowledge and suggestions. I, too, follow up on your topics with a significant amount of research on both sides of subjects so that I can weigh in my thoughts, beliefs, needs. Then look at as many pros and cons as possible and then make my final decision on what's best for me.

marleysmommy

I gotta tell you.... I don't know why you made this video. I watch you and Rob and other privacy oriented channels (and instant karma and cat videos). Anybody that watched his vids, as you say you do, knows that he is talking about SMS text 2FA as being unsafe. He's made dozens of videos about it. Thanks for the of the videos you make. I'll finish this one, even like it, but, I hope you don't continue down this path.

jellybean

Great points, but Rob isn't wrong if you look at his context of identity/privacy management. His advice is the same as to not have any one company have all your information. He uses Gmail only so that he can access Google services but does not use it anywhere else. Of course he is sensationalizing for clicks in part and you are absolutely right but in the end you are both suggesting the same advice.

drakezen

I haven't watched his video, but having dealt with a lot of family members who get scammed or ask me for advice, there's a big difference between the main three adversaries most people think of: Scammers, the government, and Big Tech.

For protection against the government and big tech, a lot of these defenses apply. Separation of powers, limiting access to your accounts, avoiding adding personal information where possible.

But most people are more worried about scammers taking their bank passwords and stealing their money. Or opening up fraudulent bank accounts with their details. This is where 2FA is a useful minimum standard of personal security.

CatastrophicalPencil

I think Rob is talking about the 2FA by Google app.... He said that even though Google has a TOTP option, they implement and promote the 2FA by Google app in order to track our devices...

harikrishnan

Josh, I always appreciate your videos because you consistently present your ideas as suggestions, not one of "The Ten Commandments". You offer food for thought that begins a discussion and research from which the user can make their own decisions to do or not do. You clearly note that there is seldom a one-size-fits-all solution or THE answer. Kudos.

agray

Yea I was confused there too for a second... him saying 2FA is a scam. The first thing that came to my mind is TOTP and the different authenticator apps I have on my phone... since like you said... these are 2FAs. Rob should have been more specific and said that "2FA using phone SMS can be exploited"... and I have read an article on this before how it is done.

The best thing to do is use a password manager like Bitwarden and use the built-in random password generator it has for all your password needs. Use at least 20 characters long of random letters, numbers, special characters with a mix-up of small and capital letters. Even more important is secure your password manager with a long master password (at least 16-20+ characters long) that you haven't used anywhere else. It's even better if you can afford to use a hardware 2FA authenticator like Yubikey to secure your most important accounts. Just make sure you buy a minimum of 2 keys so you have a back-up.

xellaz

I love your channel. But I have a question. Accessing through IMAP bypasses most of 2FA but I am not really sure if it bypasses the security key 2FA. Do you have any idea? Thanks

gerardolydna