Log In  
Ask about your listing

Secure two-factor-authentication

‎12-09-2021 01:23 PM
Paul7667
Level 2
Edinburgh, United Kingdom
‎12-09-2021 01:23 PM

Secure two-factor-authentication

Please let me keep my account secure with a proper 2FA method.

 

What I can see in my account and why it's not good
1) Phone number - Can be spoofed or sim-swapped. Also possible to be stuck with no signal or broken SIM card.
2) PIN - static, basically no different from a longer password
3) Questions - static, basically no different from a longer password

 

What I would want
1) App to verify identity that uses phone native fingerprint reader
2) TOTP, simple standard that's Google Auth compatible
3) Yubikey or other public-key-signing standard

‎12-09-2021 01:23 PM
5 Replies 5
‎16-05-2023 01:40 PM
Petar84
Level 2
Selce, Croatia
‎16-05-2023 01:40 PM

it looks like the world is moving forward and AirBnb backward with features. Everyone is adopting at least TOTP for security 2FA, and even rolling our passkey features.

While we are stuck here with pin and questions, I don't even see the point of them whenever you want to change something they require a code from the phone.

 

hopefully, we get at at least TOTP soon

‎16-05-2023 01:40 PM
‎17-07-2024 02:01 AM
Andrew3532
Level 2
Reston, VA
In response to Petar84
‎17-07-2024 02:01 AM

Yep,  SMS can be intercepted ("smishing" or MITM atttacks) and is no longer considered secure. 

And acording to the current help, 2FA is only available to hosts in EU. 

 No authentication app or FIDO2 key support.

These are the most trusted, modern security methods. 

It does raise concern about how thoroughly the data centers are hardened against a massive global data breach that targets all of the company's assets, not just ours.

‎17-07-2024 02:01 AM
‎22-11-2024 06:31 PM
Katie1750
Level 1
‎22-11-2024 06:31 PM

Sad that this post is from three years ago and they have still not added this feature in the US. I have been removing my payment information from websites that do not have a secure 2FA login method, might have to do the same with Air bnb soon.

‎22-11-2024 06:31 PM
‎14-01-2025 12:41 PM
Angela630
Level 3
Kouchibouguac, Canada
‎14-01-2025 12:41 PM

for the love of God yes!!! 

 

now in Canada AirBnB wants us to input our social insurance numbers and accounts are not protected with MFA. Disgraceful. 

‎14-01-2025 12:41 PM
0 Likes
‎14-01-2025 01:19 PM
Helen3
Top Contributor
Bristol, United Kingdom
In response to Angela630
‎14-01-2025 01:19 PM

Probably for the same reason as they have in the UK to ensure those selling goods or services online declare their income @Angela630 

 

Our government introduced Distance Selling Regulations this year which mandated that online businesses has to collect this information.

‎14-01-2025 01:19 PM
0 Likes

More from Ask about your listing

Hi I'm new here.

If anyone has time can you please tell me if my listing is a...
If anyone has time can you please tell me if my listing is any good? It's in a sweet spot in Peru - Thanks so much!

Listing not showing up!

Hi all, I haven’t been able to find my listing, tried throug... Latest reply
Hi all, I haven’t been able to find my listing, tried through many of my friends accounts, no one could see it unless opening... Latest reply

Explore Resource Center articles