• MrJameGumb@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    5 months ago

    Here’s a little scenario that played out at work the other day…

    Dramatis personae:

    M - who is Me. Customer service agent extrodinaire.

    C - who is a dumbass cranky customer

    Our scene opens on your humble narrator diligently toiling at his work station

    M: Thank you for calling The Company, my name is M, may I have your name please?

    C: yeah yeah, my name is C, and I got a lot of problems with you people! Do you know how many times that damned robot voice tried to send me messages? I just want to talk to a person dammit!

    M: I’m so sorry to hear you’re having a bad experience sir! I’ll be happy to help you with anything you need, but it does appear you have enabled two factor authentication, so I’ll need to send a link to your phone so I can access your account

    C: THIS IS FUCKING RIDICULOUS! YOU CAN’T JUST TELL ME WHAT I WANT??? I PAY YOU PEOPLE A FORTUNE EVERY MONTH AND I CAN’T EVEN ASK A DAMNED QUESTION??? THIS COMPANY IS A FUCKING JOKE!!!

    M: Yes sir, I know the enhanced security requirements can be frustrating, but unfortunately we’ve had to update them in order to make sure our customers accounts remain secure. It should just take a moment for me to send the message though and all you have to do is click the link! Can I go ahead and send it to your number on file?

    C: are you fucking kidding me here? Is this what I pay for every goddamned month??? ALL I WANT TO DO IS ASK A QUESTION AND YOU ARE REFUSING TO HELP ME!!! GET ME YOUR SUPERVISOR! NOW!

    M: again sir, I understand how frustrating this can be. Unfortunately in order to protect your security, I cannot give you any information or transfer you to anyone else until we have verified your account. If you would prefer not to verify the account that is certainly your right though. Was there anything else I can help you with today?

    C: (sighs dramatically) fine… just send me the goddamned thing… I’m leaving this joke of a company tomorrow though.

    M: well sir I would hate for you to have to go to a competitor who doesn’t value your security as much as we do here at The Company. I’ll send that message out. You should be getting it right… now

    (Mr C grumbles incoherently as he clicks the link. It takes him all of two seconds.)

    C: THERE! I did what you ORDERED! Now will you PLEASE help me with my account???

    M: Absolutely sir! What can I help you with today?

    C: I have gotten at least 20 messages from you people today telling me some bullshit about approving an order being placed on my account! I DIDN’T ORDER ANYTHING!!! DO YOU PEOPLE EVEN KNOW WHAT YOU’RE DOING OVER THERE???

    (I pause to take a brief respite and collect my thoughts as I feel a little piece of my soul dying)

    M: That is a very serious issue sir! It appears someone was attempting to access your account online, and nearly managed to place an order for almost $5000 worth of equipment! It looks like the order was canceled because they couldn’t get past your (here it comes) enhanced two factor authentication requirements.

    C: …oh. Thank you have a nice day (click)

    (I scream internally, yet god does not listen)

    END SCENE

    • Droggelbecher@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      It might be I’m being stupid, so please tell 'em if I am. But why do you not wait to find out what the question even is before going into their account? That way you could explain the troubleshooting process better to them, no?

      • MrJameGumb@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        3 months ago

        If someone is calling about an alert that there was an order placed on their account I can’t troubleshoot a single thing until I’m in the account

      • MrJameGumb@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        It can be overwhelming for people when they first start, but after a while you eventually learn to expect it lol

        I can tell you from experience that someone like this probably makes up a reason to call in once or twice a month at least and claims they are taking their business elsewhere EVERY TIME for years and years lol

  • headset@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    5 months ago

    Fuck the 2 factor bullshit. I’ve lost many accounts just because I moved to another country and changed my number. I still know the password, It is my account but I can’t login just because the asshole who created 2 factor authentication never moved out of his parent’s basement.

  • Zachariah@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    5 months ago

    Unfortunately, it’s often implemented as two-step authentication though. Like asking for a password and an answer to a security question. Those are both something you know. Two-factor authentication would involve two of these factors: something you know, something you have, and something you are.

  • ByteJunk@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    5 months ago

    This was my ISP and I a few years ago. I’m a beta tester for some of their features, and I argued this was necessary for ages. They finally implemented it, and now err on the side of way too many prompts for 2FA, but at least we have it.

    My current beef is arguing that we NEED IPv6 settings in the router. One size does NOT fit all. It’s an uphill battle…

  • Aeri@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    5 months ago

    I do live in a state of constant dread of losing my phone, or having it break down, or getting a new phone now, but at least things are “secure” again *sigh

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    Cybercriminals stealing the Oauth2 tokens after users authenticate with 2FA:

  • Bye@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    2-factor would be fine if it didn’t have to involve my phone. It’s such a pain in the ass. Like a second password would be fine, so my password manager could just do both at once.

    • Feathercrown@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      5 months ago

      I don’t think you get why 2fa is more secure. That would be basically the same as having one password.

      • Bye@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        I guess I don’t

        I just want them to make it so I can use my password manager, because juggling multiple authentication apps and sms messages etc just makes me less likely to turn on 2fa in the first place.