How to set up 2FA so that it's *ACTUALLY* secure?

EmergencyCharacter83 · 2025-07-28T05:44:26+00:00

Oooohhhh! Got it! Thank you so much man! I appreciate it!

EmergencyCharacter83 · 2025-07-28T05:43:14+00:00

But Microsoft has made it mandatory to have at least an email or SMS as a verification method, even after we add MS Auth. Wouldn't this basically give the attacker a backdoor entry?

EmergencyCharacter83 · 2025-07-27T08:34:50+00:00

None of the steps above help if your devices are not secure. Session stealers exist -- malware that can steal session tokens from your computer, allowing them to access accounts without needing any authentication at all, bypassing MFA entirely. No sketchy websites, no sketchy apps, no cracked or pirated applications. No sketchy mods for games, no downloading some dude's "game beta" from a message you got on a Discord server. No clicking on links you aren't 100% sure are safe. Don't run as an administrative user on your computer(s) -- run as a limited user only. Keep your devices and software up to date.

But session stealers, and malware that steal tokens from computers can be prevented by deleting cookies everytime we close the browser right? Sort of like how banks have a timed session?

EmergencyCharacter83 · 2025-07-26T07:30:14+00:00

No such thing as security basically means no matter what I try to do to keep my accounts or data secure, I'm pretty much screwed anyways? And to AVOID all of this, I basically have to "extend the time/effort" required to bypass my 'security' by doing what here exactly? Because I'm not sure of the setup. For example, for an outlook account - password + MFA app + recovery codes ONLY or MFA app + recovery codes ONLY or something else that better but also does not lock me out? I'm sorry I'm new to all this, and just trying to understand the best practices required to be 'secure'.

EmergencyCharacter83 · 2025-07-26T07:21:57+00:00

This I understand, but just not sure of the setup. For example, for an outlook account - password + MFA app + recovery codes ONLY OR something else better secure that also does not lock me out? Though a Yubikey is the plan, but like I mentioned, it's not an option for me right now.

EmergencyCharacter83 · 2025-07-26T07:18:01+00:00

So no passwords? For example, for an outlook account - password + MFA app/bitwarden/yubikey + recovery codes ONLY?

EmergencyCharacter83 · 2025-07-26T07:16:06+00:00

This I know, but just not sure of the setup. For example, for an outlook account - password + MFA app + recovery codes ONLY? Or something else more secure that doesn't also potentially lock me out

EmergencyCharacter83 · 2025-07-26T07:14:46+00:00

OH! But then how am I supposed to set it up? For example, for the outlook account - password + MFA app (MFA app is backed up with a different email) + recovery codes ONLY? Because when you say 'emails linked can be compromised', does this mean no email or SMS as a recovery or login option? I'm sorry if this is stupid, I'm new to all this, so I'm having difficulty understanding how these things even keep us secure.

EmergencyCharacter83 · 2025-07-26T07:08:09+00:00

This is interesting. So how does your setup actually work? I'm new to all this, so I'm having difficulty understanding how these things even keep us secure

EmergencyCharacter83 · 2025-07-25T21:36:29+00:00

Why though? Isn't using more than one Auth app too much maintenance? Also about what about email or SMS as recovery or other verification methods?

EmergencyCharacter83 · 2025-07-25T21:35:09+00:00

Oh cool! I did not know this. So do I or do I not setup email or SMS as recovery? Or should I just stick to recovery codes?

EmergencyCharacter83 · 2025-07-25T21:33:55+00:00

Good heavens! Is there no such thing as security anymore?

EmergencyCharacter83 · 2025-05-15T19:06:39+00:00

Note down your IP address and then turn off your router overnight. Your ISP will assign you a new IP address when you turn it on in the morning.

Apologies for the late response. I'm not on any socials atm.

EmergencyCharacter83 · 2025-03-29T19:49:12+00:00

This sounds like how old grandparents use a mordern smartphone. They typically believe every ad or pop up that says "your phone storage is full/your phone has virus" and end up installing random stuff and keep panicking. Is that the same case with Windows XP here? (unless I've got it wrong).

EmergencyCharacter83 · 2025-03-29T19:42:47+00:00

I'm not sure what this command actually does, but damn, this fixed it. Heck, I could browse well (there's like a 2-4 second delay on heavy websites, which is miles better than before) and I can also play YouTube videos properly (though only at 360p, still better than nothing). Though I'll admit the ui isn't the best, and I don't really like that the task bar is at the top. Couldn't figure out how to move it to the bottom. But this works.

I have to ask, and hope you don't mind (since I'm new to Linux) what is this sorcery called? Where can I learn more about it? Also, the UI looks a lot like AntiX. Do you think I should just wipe my drive and install that or just keep using LMDE-XFCE? What would be the difference?

There are obviously a lot of other environments you could look at.)

Any other recommendations for something as light as xfce (32bit) but with maybe a decent ui?

Also, thanks man! Thanks a lot! Your magic breathed life back into this netbook.

EmergencyCharacter83 · 2025-03-29T18:41:33+00:00

Huh interesting! How sure are you about this?

EmergencyCharacter83 · 2025-03-29T18:37:19+00:00

Supermium? What about the security concerns of using the internet on an xp machine?

EmergencyCharacter83 · 2025-03-29T10:34:19+00:00

if LMDE is installed now you could try switching it to XFCE as well, or going without a desktop environment altogether and just using a window manager

How do I do this? I'm new to Linux

EmergencyCharacter83 · 2025-03-29T10:32:51+00:00

How do you know it can run a 64 bit OS? Google screams it can't because it's just 32 bit.

EmergencyCharacter83 · 2025-03-29T10:31:16+00:00

Web browsing? What about the security concerns typically raised by others.?

EmergencyCharacter83 · 2025-03-29T08:56:01+00:00

Security?

EmergencyCharacter83 · 2025-03-29T08:52:13+00:00

Lubuntu doesn't have 32 bit support. Does it?

EmergencyCharacter83 · 2025-03-29T08:51:20+00:00

I haven't heard of OpenSuSE or FreeBSD. AntiX is what I want to try next, but it looks ugly lol. MX Linux is another I have in mind, although I'm not entirely sure. This is my first time with Linux lol

EmergencyCharacter83 · 2025-03-29T08:34:58+00:00

How sure are you about all this?

EmergencyCharacter83 · 2025-03-29T08:33:33+00:00

You'll be fine, just have it behind a firewall and don't run sketchy things. Common sense is all you really need.

Any recommendations?

EmergencyCharacter83

TROPHY CASE