I ignored two factor auth for years until it bit me at a coffee shop

Last Tuesday I was at a Starbucks in downtown Austin checking emails on their wifi. Got a notification that someone logged into my bank account from a phone in Nigeria. I froze for a solid 30 seconds before realizing I left my bank account without any extra security. Spent the next hour on hold with their fraud department while the barista asked if I wanted a refill. They caught it fast because the login was from an old device they flagged, but I lost access to my account for 3 days while they reset everything. All because I kept thinking two factor was too annoying to set up. Has anyone else had a close call that finally pushed them to lock things down?

3 comments

3 Comments

hugos461mo ago

That Nigeria thing is wild to me, how do these people even target random accounts like that? Were you using the same password for that bank that you use for other sites (like a shopping site or something you signed up for years ago)? I only ask because I feel like that's the real trap, not just skipping two factor. Two factor would have stopped it for sure, but if they got your password from a data breach on some random forum you joined in 2016, that's a totally different problem to fix.

jamie_webb671mo agoMost Upvoted

Totally agree with you @hugos46, reused passwords are the real killer here. I had a similar scare a few years back where some rando got into my Steam account because I used the same login from an old gaming forum breach. Now I just use a password manager for everything, makes it way easier to have unique ones everywhere.

caseythompson1mo ago

My buddy Dave got hit exactly like that from an old MySpace leak.