Google Duo was first introduced at Google’s I/O developer conference back in 2016 and has picked up quite the number of new features over the years. Google’s ChatGPT rival is an ethical mess, say Google’s own workers Both Duo Mobile and Authy suggest that not encrypting the account names or sites can help with account recovery, but that claim rings hollow to us: Knowing which accounts have two-factor authentication enabled doesn’t ease the process of getting back into an account.Google Bard can now speak, but can it drown out ChatGPT? Better yet, we’d prefer the company didn’t collect this data at all. Authy recently updated its privacy notice to include more information about what the company can access and added in an email to us that, “Access to this information is limited to employees who either support Authy or have a valid need-to-know.” We appreciate the addition to the policy but think this information should be in the app, as well. Unlike Duo Mobile, which stores the backup on either iCloud or Google Drive, Authy stores the backup on its own servers, which theoretically gives the company access to those details. Security researchers at Mysk also found this same info was sent in analytics, which may be linked to your email address and phone number. Similarly to Duo Mobile, Authy’s backups don’t encrypt some information that you might expect it to, sometimes including the name of the website and a username (you can edit these, but we suspect few people bother to do so). But for most people, the potential security risk of backing up codes online is outweighed by the fear of being locked out of accounts for good, so for the apps that do offer backups, we looked for clear explanations of how the backups worked, where they’re stored, and how they’re encrypted. So we looked for authenticators that left this feature opt-in.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |