Bookmem Posted January 2, 2022 Share Posted January 2, 2022 I like the method my bank uses. It doesn't require 2FA each time I login, but it does check the MAC address of the computer. If the computer isn't "registered", then it uses 2FA. Since I only use one of my desktops for banking, and not any of my other devices, then this isn't a problem. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted January 2, 2022 Author Share Posted January 2, 2022 1 minute ago, Bookmem said: I like the method my bank uses. It doesn't require 2FA each time I login, but it does check the MAC address of the computer. If the computer isn't "registered", then it uses 2FA. Since I only use one of my desktops for banking, and not any of my other devices, then this isn't a problem. That's cool but at the same time, it's not hard to spoof a MAC address. You would need to be targeted specifically but there is a chance.. Quote Link to comment Share on other sites More sharing options...
Bookmem Posted January 2, 2022 Share Posted January 2, 2022 2 minutes ago, securitybreach said: That's cool but at the same time, it's not hard to spoof a MAC address. You would need to be targeted specifically but there is a chance.. Nah. I'm an 82yr old living on SS, so I'm a highly unlikely target. And I live in a 400 unit apt bldg, so picking out my "network traffic" from the dozens of others in the bldg, would be next to impossible. Quote Link to comment Share on other sites More sharing options...
Digerati Posted January 2, 2022 Share Posted January 2, 2022 6 minutes ago, Bookmem said: I like the method my bank uses. It doesn't require 2FA each time I login, but it does check the MAC address of the computer. If the computer isn't "registered", then it uses 2FA. That's not how it works or what they are doing. For starters, NO WAY can your bank (or any website) see the MAC address of your computer under any circumstances. The MAC address is used to identify your computer's NIC on your local network. That information is not sent upstream. Even your ISP cannot see your computer's MAC. The ISP can see your gateway device (typically the modem), but not the MAC addresses of the devices connected to your modem. There is even another barrier if using a router - and odds are, you are. What is happening is when you log into your bank, a "cookie" is saved on your computer. Then, next time you log in, your browser looks for that cookie. If found, you get logged in without using 2FA ("IF" that cookie has not expired). If no cookie found, you have to use 2FA again. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted January 2, 2022 Author Share Posted January 2, 2022 Yup Quote Link to comment Share on other sites More sharing options...
crp Posted January 3, 2022 Share Posted January 3, 2022 11 hours ago, Bookmem said: I like the method my bank uses. It doesn't require 2FA each time I login, but it does check the MAC address of the computer. If the computer isn't "registered", then it uses 2FA. Since I only use one of my desktops for banking, and not any of my other devices, then this isn't a problem. Does your bank allow for using a VPN ? Quote Link to comment Share on other sites More sharing options...
Bookmem Posted January 3, 2022 Share Posted January 3, 2022 14 hours ago, crp said: Does your bank allow for using a VPN ? Don't know. I've never tried it. I don't use a VPN on that box. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.