u/Alternative-Soup-448

Is two-factor authentication hacker proof?

I recently cleaned up a Trojan horse that was left on my desktop gaming PC. It was found in the Roblox files, so my son had obviously downloaded something dodgy while playing on my PC. I deleted the Trojan via Windows Defender, as my paid Bitdefender subscription did not detect it, even during full scans. I also wiped the desktop and performed a fresh installation of Windows.

The whole issue has me thinking and rethinking my entire online security setup, which I believe is pretty good for an average user (I do not work in IT). As a rule, if an account has two-factor authentication, I enable it, so most of my accounts are locked down with it. I have always seen two-factor authentication as the gold standard, but I am wondering whether it has weaknesses.

Of course, I could theoretically be scammed into giving someone my codes, but the likelihood of me handing over authentication codes or recovery keys is pretty remote — you would be prying those out of my cold, dead hands.

I do get concerned about my password manager, which I call the key to my life. If that were ever breached, then two-factor authentication would be the only thing stopping someone from accessing everything. The password manager is literally the key to my entire online life, so I guard it carefully.

So, how confident can I really be in two-factor authentication? Years ago, I know my Steam password was breached, but Steam Guard saved the day. By the way, I changed my desktop PIN, and my son is no longer using it — he can play on his console instead.

reddit.com