The team at Friend.tech is taking a significant step towards bolstering user security by introducing a two-factor authentication (2FA) password feature.
This security enhancement aims to protect users from the increasing threat of SIM-swap attacks, which have plagued the platform recently.
Friend.tech Introduces Two-Factor Authentication (2FA) Passwords
The move comes as a response to a series of SIM-swap attacks that have targeted Friend.tech users since September. These attacks involve hackers gaining control of users’ phone numbers, bypassing security measures, and gaining unauthorized access to accounts. The consequences have been devastating, with some users losing valuable digital assets.
You can now add a 2FA password to your https://t.co/YOHabcBL3H account for additional protection if your cell carrier or email service becomes compromised.
Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature pic.twitter.com/g0m2E4att2
— friend.tech (@friendtech) October 9, 2023
To address these security concerns, Friend.tech announced the addition of 2FA passwords in a post on Oct. 9 on its official social media account. This new feature allows users to add an extra layer of protection to their Friend.tech accounts. If a user’s cell carrier or email service is compromised, the 2FA password will protect them from authorized access.
Users will also be prompted to set up a 2FA password when signing onto new devices, providing an additional barrier against potential attacks. Notably, neither the Friend.tech nor Privy teams can reset these 2FA passwords, placing the responsibility squarely in the hands of users.
The decision to implement 2FA has been met with mixed reactions. While some users have applauded the move, others have criticized Friend.tech for not acting sooner. Prominent platform creator 0xCaptainLevi expressed optimism about the new security feature, emphasizing that 2FA is a “big deal” that can help elevate the social media platform’s security and popularity.
How SIM-Swap Attacks Exploit Friend.tech Users
In a separate thread on X, Blockworks founder Jason Yanowitz shed light on one method by which SIM-swap attacks are orchestrated. Hackers send text messages to users, requesting permission to change their phone numbers. Users can reply with “YES” to approve the change or “NO” to decline it.
If a user responds with “NO,” they receive a genuine verification code from Friend.tech and are prompted to send it to the scammer’s number. This manipulation tactic puts users at risk of losing control of their accounts and digital assets.
Someone is trying to hack my @friendtech
1) Text sent saying they’re changing my number
2) I respond no
3) They say to confirm no, send the verification code
4) Receive actual verification code from friend tech
5) After no response, they text again saying they’ll auto… pic.twitter.com/j76vI969jP
— Yano 🟪 (@JasonYanowitz) October 8, 2023
With the introduction of 2FA password protection, Friend.tech aims to fortify its platform security and give users greater peace of mind. The new feature ensures that even if cell carriers or email services are compromised, Friend.tech accounts remain secure.
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!