For the mom who gives us everything - Mother's Day gifts that connects us.
Protect yourself online
ATTU-verseCare's profile
Community Support

Community Support

 • 

6.7K Messages

Monday, April 10th, 2017 7:48 PM

Closed

Hack Attack: Internet & Email Security - Knowledge Share Wednesday, 04/26/17, 1-4pm ET

Hack Attack Int and Email.jpg

 

Long gone are the days that each of us feel comfortable leaving our front door open to our home. That applies even more so to our virtual home and identity on the internet. Join the conversation as we discuss and share knowledge on a topic that affects us all: Internet & Email Security.

 

Learn more about internet and email security here. Think your email was hacked? - Learn how to secure your email here.

*I am an AT&T employee, and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.

Still need help? Ask a question! Our 1.4 million members typically respond within 1 hour.

1 Attachment

Master

 • 

3.5K Messages

7 years ago


@Tigereyze209 wrote:

It has been a while since I checked up on this, but last time i did, two step verification was available for Yahoo accounts (in beta) but was NOT available for ATT e-mail accounts.

If this has changed, then cool. But as I said, unless it has changed, 2 step was not available to ATT accounts.


@Tigereyze209

Hmm, yeah, apparently not as of 3/19: https://forums.att.com/t5/AT-T-Internet-Email-Security/two-factor-authentication/td-p/5099870

 

The business side of the AT&T accounts has it all over the place, but not the consumer email, yet, weird, and unfortunate.

@ATTU-verseCare, can you take note?  I bet this would halve these support issues, if it were in place, and if people were "encouraged" to set it up, for credential management, the way other services are moving to.

Community Support

 • 

6.7K Messages

7 years ago


@pgrey wrote:

The business side of the AT&T accounts has it all over the place, but not the consumer email, yet, weird, and unfortunate.

@ATTU-verseCare, can you take note?  I bet this would halve these support issues, if it were in place, and if people were "encouraged" to set it up, for credential management, the way other services are moving to.


@pgrey. We definitely have. At one point, there was a capture page to update the account with their cell phone number. This has helped greatly, but there are always some users that choose to ignore or not update it. 

 

-ATTU-verseCare

Master

 • 

3.5K Messages

7 years ago

Another thing that comes to mind here, is Browser Safety.

Currently, IE support is tapering (IMO), and the Edge browser is becoming primary, on Windows.

 

In terms of the others (I use Chrome as well, myself, for example), be VERY careful about installing browser add-ons or extensions.

The wrong extension can be just as bad as handing out all your credentials, as they often have access to everything, or nearly everything, that you're doing (it obviously varies from extension-to-extension).

 

Be sure to "vet" your extensions, read reviews, only install from the "Store" for the OS, scan before installing, etc.

Master

 • 

3.5K Messages

7 years ago


@ATTU-verseCare wrote:

@pgrey wrote:

The business side of the AT&T accounts has it all over the place, but not the consumer email, yet, weird, and unfortunate.

@ATTU-verseCare, can you take note?  I bet this would halve these support issues, if it were in place, and if people were "encouraged" to set it up, for credential management, the way other services are moving to.


@pgrey. We definitely have. At one point, there was a capture page to update the account with their cell phone number. This has helped greatly, but there are always some users that choose to ignore or not update it. 

 

-ATTU-verseCare


@ATTU-verseCare Sure, for the accounts portion of a consumer account, no question, I've had mine set up for a long time.

But what about the AT&T/Yahoo email?  It appears that Yahoo accounts have two-factor, but the AT&T, Yahoo hosted accounts, do not?

Employee

 • 

78 Messages

7 years ago


@pgrey wrote:

@Tigereyze209 wrote:

It has been a while since I checked up on this, but last time i did, two step verification was available for Yahoo accounts (in beta) but was NOT available for ATT e-mail accounts.

If this has changed, then cool. But as I said, unless it has changed, 2 step was not available to ATT accounts.


@Tigereyze209

Hmm, yeah, apparently not as of 3/19: https://forums.att.com/t5/AT-T-Internet-Email-Security/two-factor-authentication/td-p/5099870

 

The business side of the AT&T accounts has it all over the place, but not the consumer email, yet, weird, and unfortunate.

@ATTU-verseCare, can you take note?  I bet this would halve these support issues, if it were in place, and if people were "encouraged" to set it up, for credential management, the way other services are moving to.


@pgrey, @Tigereyze209, @ApexRon While at this time we do not offer two-factor authentication, it is something we are actively exploring.

Professor

 • 

3.9K Messages

7 years ago

If one is referring to adding the recovery cell phone number to the global att log in, I do not have a cell phone number to provide.

I am very grateful for the fact, it is no longer insisting on a mobile phone number being provided. At the very least, it gets in the way, and something i considered to be a very un-necessary nuisance. 

I respect the attempt at improving customer security.. but one also has to remember, participation should be voluntary, not mandated.

In may case, as i said, I do not have a number to provide, so asking for it over and over is tedious.

Mind you, i have more important things to be troubled over.

Just mentioning my feedback since it was brought up.

Professor

 • 

3.9K Messages

7 years ago

In an earlier post, I asked about the Yahoo "state agent" security hacks, and I was asking how it affected att and what the att customer can do about it, if their account was ones of the "lucky" accounts to be hacked.

Master

 • 

3.5K Messages

7 years ago


@Tigereyze209 wrote:

If one is referring to adding the recovery cell phone number to the global att log in, I do not have a cell phone number to provide.

I am very grateful for the fact, it is no longer insisting on a mobile phone number being provided. At the very least, it gets in the way, and something i considered to be a very un-necessary nuisance. 

I respect the attempt at improving customer security.. but one also has to remember, participation should be voluntary, not mandated.

In may case, as i said, I do not have a number to provide, so asking for it over and over is tedious.

Mind you, i have more important things to be troubled over.

Just mentioning my feedback since it was brought up.


Yeah, I agree, for most implementations, forcing a user to use two-factor is a bit onerous.  I think you could argue for using it to modify account credentials however, only, which makes it a lot less invasive, and how I have it set up for most of my implementations.

Even if you don't have a cell#, you can get a number capable of receiving texts via browser/app, such as GoogleVoice or Skype, etc.  This still allows for a reasonable level of two-factor authentication, without the cell requirement (and is generally free, or very close). 

As two-factor implementation proliferates, I see more options to use a secondary email too, which is a handy option, if a cell or similar isn't practical.  It's still fairly secure (better if you don't access it from the same device), but easier to use in these cases.

Professor

 • 

3.9K Messages

7 years ago

My dad has a gateway device with his internet service, and it has built in hardware firewall protection.

I am curious how effective att gateways are at hardware firewall protection, as opposed to software firewalls.

Professor

 • 

3.9K Messages

7 years ago


@pgrey wrote:


Yeah, I agree, for most implementations, forcing a user to use two-factor is a bit onerous.  I think you could argue for using it to modify account credentials however, only, which makes it a lot less invasive, and how I have it set up for most of my implementations.

Even if you don't have a cell#, you can get a number capable of receiving texts via browser/app, such as GoogleVoice or Skype, etc.  This still allows for a reasonable level of two-factor authentication, without the cell requirement (and is generally free, or very close). 


Curious you should mention that.. I actually use a texting service called text now. You are assigned a number, but there is no physical phone per sea. Never even occoured to me using it would even be an option for two step or recovery device.

I like how you think.  seriously, I'd have given you a thumbs up right now, if we could still do that.

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.