Didn't linked in and facebook do this? Give us your email account and password a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		harry8 on March 31, 2021 \| parent \| context \| favorite \| on: The Hitchhiker's Guide to Online Anonymity Didn't linked in and facebook do this? Give us your email account and password and we'll add your friends for you! So easy! You can bet someone is still doing it and more will try it until such time as there are negative consequences for it. Seems that there aren't any now.

gruez on March 31, 2021 | [–]

If you're going to get social engineered into giving up your password, chances are you're going to get social engineered for your 2fa code as well.

lupire on March 31, 2021 | [–]

They'll use Oauth now, which won't be stopped by 2FA

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact