“It is easier than you think for someone to steal your password. The
2-Step Verification can help keep bad guys out, even if they have your
password. With 2-Step Verification, you’ll protect your account with both your password and your phone.” This is written in the
main site about the two-step verification for Google. But your account is not very safe with this also, there is a way around this.
Grant Blakeman, whose Instagram was hacked through his gmail account, wrote in
Ello that even after using the Two-step Authentication he couldn’t stop his account being hacked, which shows that this two step auth doesn’t stand against every security threat. He checked with his cell phone provider and sure enough,
call-frowarding had been enabled on his number to an unknown number. The attack initially started with the cell phone provider, which allowed some level of access or social engineering to his Google account, which in turn allowed the hackers to get a password reset email from Instagram, which gave them full access to his account.
[TABLE="class: ncode_imageresizer_warning"]
[TR]
[TD="class: td1"]
[/TD]
[TD="class: td2"]This image has been resized. Click this bar to view the full image.[/TD]
[/TR]
[/TABLE]
