Switching to a More Secure 2FA 🔐
Protect your OneOf Account with Google Authenticator
At OneOf we take the security of you, our members, and your accounts seriously. We wanted to make sure you’re aware we now offer two-factor authentication (2FA) via Google Authenticator. If you haven’t already done so, we highly recommend moving your 2FA from SMS to Google Authenticator — which takes only 2 minutes and is really easy to do right here in your profile settings.
Why Switch From SMS to an Authenticator App?
Two-factor authentication (2FA) is an essential level of protection against unwanted and unauthorized access to your OneOf account. Whilst SMS is a popular and easy-to-use option for 2FA — it’s not necessarily the most secure.
Authenticator apps such as Google Authenticator have proven to be more secure, more reliable, and even faster than SMS 2FA. Unfortunately, the more convenient (thus popular) SMS option attracts hackers who have become more and more successful in rerouting 2FA SMS messages. Here are some common ways hackers are able to compromise 2FA SMS:
The hacker redirects your phone number to a new device from which they retrieve the 2FA SMS. All they need is your phone number and the last four digits of your social security number (which may have already been stolen in an earlier hack you weren’t aware of).
The hacker forges an authorization through a company that provides rerouting services. Entire businesses can be targeted this way and the hacker can request multiple numbers to be rerouted to other devices, including computers.
With an SS7 attack, hackers can listen to calls and read texts directly on mobile phone networks.
Hacking Devices Directly
Hackers use malicious emails, texts and third-party apps to hack into a device (or an entire business network) to see everything that happens on that device or business network.
Why are Authenticator Apps More Secure?
With authenticator apps, like Google Authenticator, you’ll get a code on your phone that is specifically linked to your OneOf username and password. The authenticator app is also tied directly to your physical device. Even if the hackers were able to reroute your number, they wouldn’t receive the codes.
In order for the authenticator app to work with your OneOf account, you first need to “pair” the app on your device with your account. If you change your device, you’ll have to go through the process again.
Another benefit of an authenticator app is that codes expire quickly. A new code, which you’ll need to use to log into your OneOf account, is generated every 30 seconds and can only be used once.
OneOf Takes Safety Seriously
OneOf will never ask you for your password. A safe password requires a mix of uppercase and lowercase letters, numbers, and at least one special character. Remember to always beware of phishing attempts, such as an unofficial OneOf address that directs you to an unrecognized or odd URL and asks for your username and password. Lastly, beware of Discord scams, that might request your crypto wallet address, seed phrase, username, passwords, or even your home address.
Account and user safety is our number one priority at OneOf. If you haven’t already, please take a minute to switch to Google Authenticator to protect your account now.
Deeply committed to a sustainable and inclusive blockchain future, OneOf is a platform that supports NFTs on multiple energy-efficient blockchains, connecting fans and collectors to iconic musicians, athletes and brands. OneOf aims to bring the next 100 million non-crypto-native fans into Web3 by removing the technical frictions and allowing fans to pay for their NFTs with credit/debit cards as well as major cryptocurrencies. Minting an NFT on OneOf’s platform uses up to 2 million times less energy than proof-of-work networks, and for its users, purchasing NFTs costs $0 in blockchain gas fees. A leader in diversity, over 80% of the collections curated by OneOf come from minority or female creators. Visit oneof.com for more information.