Is delay based features a good idea for security? [on hold]

There are things that I will rarely rarely rarely do in my life.

For example, changing my main email. Adding a new computer. One security feature that is pretty much full proof that I know is delay.

Basically, say I want to add a new device to my Authy account. Say, I am buying a new phone.

That happens like once every 6 months. I don’t mind waiting 7 days for that to happen. Within those 7 days I get a daily email that someone is adding my authy account to other devices.

A lot of hacking counts on speed. Hackers find something and steal money before the actual owners know how to do anything.

Delay-based protection will not only prevent that, but it will also turn all black hat hackers into a cheap white hat.

None of it is done. Authy, for example, allows us to disable adding more devices but it can be disabled. If one device is compromised then a user can add more devices and before the good guys/owners find out, the money is stolen already.

A sample of such scheme is https://www.authy.com/phones/reset/

You can reset and get stuffs but only if you’re willing to wait.

In livecoin I got this message:

WARNING: ANY CHANGE OF PASSWORD OR ANY OTHER REVISIONS TO THE SECURITY
SETTINGS OF YOUR ACCOUNT, IF COMPLETED SUCCESSFULLY, WILL RESULT IN
TERMINATION OF ALL OPEN SESSIONS IN YOUR ACCOUNT. THIS MEANS THAT YOU
SHOULD HAVE TO LOGIN AGAIN USING YOUR CHANGED PASSWORD, OR OTHER
REVISED SECURITY SETTINGS OF YOUR ACCOUNT. PLEASE, NOTE, AFTER YOUR
PASSWORD CHANGE, OR AFTER OTHER REVISIONS TO YOUR ACCOUNT SECURITY
SETTINGS, YOUR FUNDS WILL NOT BE AVAILABLE FOR WITHDRAWAL FOR THE NEXT
48 HOURS.
WE APOLOGIZE FOR THE INCONVENIENCE, BUT THIS IS DONE TO
PROTECT OUR CUSTOMERS’ FUNDS FROM POTENTIAL ONLINE FRAUD. IT IS OUR
STANDARD SECURITY PROCEDURE.

Leave a Reply

Your email address will not be published. Required fields are marked *