Two-factor authentication (2FA) is a fantastic way to improve the security of your online accounts. However, if you lose access to the device containing your authenticator app, you may lose access to your 2FA-protected accounts. You need to backup the seed codes used to set up each account. I'll give you several methods for doing this.

In the news: FBI uses smartphone push notifications to track down criminals; Roku TVs block all access until users consent to force arbitration; cheap video doorbells have horrible security; AI can be used to determine where photos were taken; vending machine caught using facial recognition; what happens to your data when a data broker goes bankrupt; your personal information that is publicly available; New Jersey passes motor vehicle data deletion law; Proton Mail's new email aliasing feature; in Canada, police now need warrant to get a person's IP address; US cracks down on commercial spyware firm; NSO Group forced to hand over source code to Meta in legal case; Authy is shutting down its desktop app.

Article Links

[The Washington Post] The FBI’s new tactic: Catching suspects with push alerts https://www.washingtonpost.com/technology/2024/02/29/push-notification-surveillance-fbi/

[TechCrunch] Roku disables TVs and streaming devices until users consent to forced arbitration https://techcrunch.com/2024/03/05/roku-disables-tvs-and-streaming-devices-until-users-consent-to-forced-arbitration/

[Consumer Reports] These Video Doorbells Have Terrible Security https://www.consumerreports.org/home-garden/home-security-cameras/video-doorbells-sold-by-major-retailers-have-security-flaws-a2579288796/

[NPR] Artificial intelligence can find your location in photos, worrying privacy experts https://www.npr.org/2023/12/19/1219984002/artificial-intelligence-can-find-your-location-in-photos-worrying-privacy-expert

[Ars Technica] Vending machine error reveals secret face image database of college students https://arstechnica.com/tech-policy/2024/02/vending-machine-error-reveals-secret-face-image-database-of-college-students/

[The Markup] What Happens to Your Sensitive Data When a Data Broker Goes Bankrupt? – The Markup https://themarkup.org/privacy/2024/02/23/what-happens-to-your-sensitive-data-when-a-data-broker-goes-bankrupt

[Lifehacker] All of Your Information That’s Publicly Available (and What You Can Do About It) https://lifehacker.com/tech/all-your-information-thats-publicly-available-what-to-do-about-it

[privacy4cars.com] “Motor Vehicle Data Deletion Act” of New Jersey https://privacy4cars.com/nj-law/

[Lifehacker] Proton Mail Now Lets You Hide Your Real Email Address https://lifehacker.com/tech/how-to-set-up-email-aliases-proton-mail

[CBC] Police now need a warrant to get a person's IP address, Supreme Court rules https://www.cbc.ca/news/politics/supreme-court-privacy-ipaddress-1.7130727

[The Hacker News] U.S. Cracks Down on Predatory Spyware Firm for Targeting Officials and Journalists https://thehackernews.com/2024/03/us-cracks-down-on-predatory-spyware.html

[9to5Mac] iPhone spyware company NSO suffers major defeat in US court, in Meta lawsuit https://9to5mac.com/2024/03/01/iphone-spyware-company-nso-must-reveal-code/

[The Verge] Authy is shutting down its desktop app https://www.theverge.com/2024/1/8/24030477/authy-desktop-app-shutting-down

Tip of the Week: Backing Up Your 2FA Seed Codes https://firewallsdontstopdragons.com/how-to-backup-2fa-seed-codes/

Command line tool to extract codes from Authy: https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93

Further Info

Check out my dragon challenge coins! https://fdsd.me/coin2 

Send me your questions! https://fdsd.me/qna 

Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 

Subscribe to the newsletter: https://fdsd.me/newsletter 

Become a patron! https://www.patreon.com/FirewallsDontStopDragons 

Get your Firewalls Don’t Stop Dragons Merch!