SpaceX’s Starlink has quietly added a much-requested security feature: Two-factor authentication. A growing number of Starlink subscribers have complained about hackers breaking into their accounts to make fraudulent purchases, including hundreds of dollars in extra hardware. To hijack an account, a hacker only needs to know the Starlink subscriber’s email address and password. Hence, some customers have called on SpaceX to bolster its account security with multi-factor authentication since it requires anyone signing in to both submit the correct password and a one-time code, which is usually generated on the account holder’s smartphone. SpaceX was previously mum on adopting MFA. But a recent entry on Starlink’s customer support page shows the satellite internet service officially supporting “Two Step Verification.”
(Credit: Starlink.com)
“Two-step verification is an additional security measure Starlink is using to help protect your account,” the company wrote. “In addition to your password, you will need to verify your identify with a passcode sent to your email or phone number. Starlink will never call or text you for this passcode. Do not share it with anyone.”But don’t expect every login to require an authentication code. Starlink will only activate the safeguard if the user is attempting to change the email address or phone number registered to the account. This is likely because hackers often change the email address and phone number to help them fully take over the account, and hide the fraudulent charges from the victim. It looks like SpaceX quietly published the customer support entry a month ago, according to a Reddit user who spotted the change. But not every Starlink customer is satisfied with the two-factor implementation since it still leaves room for a hacker to access an account.
Recommended by Our Editors
“Where’s the MFA for LOGINS!” wrote one user on Reddit. “How about we keep others out entirely vs just limiting their access once in the account.” The other issue is that we didn’t see the two step verification on PCMag’s own Starlink account. SpaceX didn’t immediately respond to a request for comment, making it unclear if the safeguard has been fully rolled out.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
