SpaceX’s Starlink has quietly added two-factor authentication (2FA) as a security feature to enhance the protection of user accounts. This move follows complaints from Starlink subscribers who reported hackers breaking into their accounts to make fraudulent purchases. The hackers only needed the subscriber’s email and password, prompting calls for stronger security measures like 2FA, which requires both a password and a one-time code.
The new 2FA feature, described as “Two Step Verification,” was recently highlighted on Starlink’s customer support page. It adds an extra layer of security by requiring users to verify their identity with a passcode sent to their email or phone number when attempting to change account details like the registered email or phone number. Starlink emphasizes that it will never ask for this passcode via call or text, and users are advised not to share it with anyone.
However, this security measure is only triggered during specific account changes, not every login. The focus on changes to email addresses and phone numbers addresses a common tactic used by hackers to take over accounts and conceal fraudulent activities. While this step improves security, some users are still concerned that it leaves room for potential breaches.
The update was quietly implemented about a month ago, as noted by a Reddit user who spotted the change. Despite this enhancement, there is ongoing debate among users about whether the current implementation of 2FA is sufficient to fully secure their accounts against unauthorized access.
Reference: