It is also not recommended to use 2FA on PC to verify stuff on PC. (Personally, I still do that for some stuff due to laziness, though…)
Basically, hacking/stealing one device should not be enough to get your stuff. Smartphones are relatively often compared to PCs. As long as you still have a secure password you need to enter, I wouldn’t care too much, though.
banks have old ahh security. not many support proper 2fa. but if u log in on your phone, and u do have your phone as the 2fa method, it makes no difference having 2fa. if someone gets your phone they get your banking log in and your 2fa method. its like putting totp 2fa on a computer to sign into something on the same computer. different devices for different purposes. remeber banking apps are always proprietry, so any zero day could be active right now, and we would not be the wiser. i suppose banking on a webpage on your phone is better, if you delete the cookie after.
If your phone is secure with screenlock, kept up to date and uses grapheneos than your banking should be safe. Using grapheneOS auto reboot feature would prevent anybody accessing private data stored in RAM , as it’s all at rest after reboot
Your first post, you claim that “so any zero day could be active right now” … This can happen with open source software too. Your phone is way more secure than the average PC running debian.
Sounds like scare mongering.
Why would that be any different than a PC with the 2FA app on the PC?
Banking on suitably patched and secured phone is NOT an inherently risky activity.
It is also not recommended to use 2FA on PC to verify stuff on PC. (Personally, I still do that for some stuff due to laziness, though…)
Basically, hacking/stealing one device should not be enough to get your stuff. Smartphones are relatively often compared to PCs. As long as you still have a secure password you need to enter, I wouldn’t care too much, though.
banks have old ahh security. not many support proper 2fa. but if u log in on your phone, and u do have your phone as the 2fa method, it makes no difference having 2fa. if someone gets your phone they get your banking log in and your 2fa method. its like putting totp 2fa on a computer to sign into something on the same computer. different devices for different purposes. remeber banking apps are always proprietry, so any zero day could be active right now, and we would not be the wiser. i suppose banking on a webpage on your phone is better, if you delete the cookie after.
If your phone is secure with screenlock, kept up to date and uses grapheneos than your banking should be safe. Using grapheneOS auto reboot feature would prevent anybody accessing private data stored in RAM , as it’s all at rest after reboot
i still dont trust it. theres no real reason to use it on phone. just becoming more dependant
Your first post, you claim that “so any zero day could be active right now” … This can happen with open source software too. Your phone is way more secure than the average PC running debian.