@AskPayPal Thanks, DM sent
@Scott_Helme @muchilwa @troyhunt @reporturi Maybe revise this recommendation: pic.twitter.com/b4CcsTpSfq
@Scott_Helme @muchilwa @troyhunt @reporturi I wish I knew that…
This 💠https://t.co/H8oggP1fS6
@troyhunt @grimmware @Scott_Helme @reporturi Well, I am in the single digit population and now I have this anxiety. Where can I get help? ðŸ˜
@crmviking @troyhunt @Scott_Helme @reporturi Do you think average people think that far ahead?
Blaming the user is always easy…
@troyhunt @Scott_Helme @reporturi I think that the main take away is that a small business like @reporturi thought… https://t.co/vt0gNCnglR
@troyhunt @Scott_Helme @reporturi I didn’t ask for it to be that way. But since they didn’t do it properly in the b… https://t.co/jsP3pMmkWp
@Scott_Dayman @Scott_Helme @troyhunt @reporturi @1Password Must have changed now. Back in April I don’t remember having any code…
@m_in_m @GossiTheDog @troyhunt @Scott_Helme @reporturi @LastPass This didn’t work for me. But LastPass fell back to… https://t.co/wPhj00xflu
@grimmware @troyhunt @Scott_Helme @reporturi I can see the irony 🙂
The risk here is that people will not adopt MFA… https://t.co/Ytdu1aH9Oi
@living_syn @troyhunt @Scott_Helme @reporturi Also, let’s not forget that not long ago, PayPal offered SMS code onl… https://t.co/9biHAjuIAs
@living_syn @troyhunt @Scott_Helme @reporturi Nope, they didn’t. Funny ho@reporturiri thought about this bu@PayPalal didn’t.
@troyhunt @Scott_Helme @reporturi That’s not entirely true. The second question is “here’s my username, password *a… https://t.co/07wMaUrTRr
@RoryGreenfield Well done 💪
@Scott_Helme @troyhunt @reporturi Successfully recovered my @reporturi account despite no longer having access to m… https://t.co/dPs1agHdtY
@Scott_Helme @troyhunt @reporturi Plus, PayPal doesn’t have a process to cover this edge case. On the phone they as… https://t.co/uMFLRQP3rB
@Scott_Helme @troyhunt @reporturi Look, I can live without a PayPal account. That’s not the issue here.
But with a… https://t.co/MNgNtcKPJR
@Scott_Helme @troyhunt @reporturi For report-uri you provide a static code that can be used as an alternative to au… https://t.co/s2daMkPmKt
@Scott_Helme @troyhunt If someone
✅ has my password AND
✅ can receive SMS for my phone number AND
✅ knows my cred… https://t.co/c2X5OWVQLh
@Scott_Helme @troyhunt @reporturi Fair enough. But PayPal doesn’t do that. No other option to get around the authenticator code
@Scott_Helme @troyhunt They ask for additional measures when changing password:
- confirm phone number
- last dig… https://t.co/WjEQNNnLqL
Too bad I’m locked out my account because I want to use better security controls… cc @troyhunt @Scott_Helme
It… https://t.co/xxYIYbNKJx
The problem is - this screen does not accept any other method in case you no longer have access to the Authenticato… https://t.co/FgUfwHMv0I
So, @AskPayPal - I have the same problem as here: https://t.co/7yzxPMdpjh
I bought a new phone, no longer have acc… https://t.co/x31UtFgn9E