General

2FA to Disable Mobile Access?

I’m not sure how easy this would be to achieve but wouldn’t it make sense to require an Authenticator code to disable mobile access from the vehicle? It’s great having it to log into the app and manage account features but the most valuable target is still your car.

Comments

  • You can set a PIN to Drive if you're concerned about someone stealing your car.
  • > @EVRider said:
    > You can set a PIN to Drive if you're concerned about someone stealing your car.

    Apparently thieves in Europe have figured out how to bypass that and turn off mobile access.
  • @6EQUJ5 can we get a source on pin to drive being defeated?

    also, don't you have to provide login credentials to disable mobile access? I could be wrong.
  • Yes, you have to login to disable ANY of the security features like Valet Mode, PIN to Drive and Mobile Access. Mobile by default is on, requiring credentials to disable.
  • > @derotam said:
    > @6EQUJ5 can we get a source on pin to drive being defeated?

    https://forums.tesla.com/discussion/179061/model-s-stolen

    I’m also wondering if 2FA to disable pin to drive would’ve prevented this. Either way they somehow disabled mobile access very quickly.
  • That was an assumption that pin to drive was defeated, and "defeated" could have multiple meanings. That case is more likely a case of their account credentials being obtained some way...and there IS 2FA available for the accounts now but I think it is optional....turn your 2FA on for your accounts people!
  • > @derotam said:
    > That case is more likely a case of their account credentials being obtained some way...and there IS 2FA available for the accounts now but I think it is optional....turn your 2FA on for your accounts people!
    >

    My point is 2FA is NOT required to disable those features on the MCU, only account credentials are required, meaning these in-vehicle anti theft provisions are only as good as the password used to log into Tesla is complex/obscured.
  • The 2FA option for the app requires a third-party 2FA solution, so it’s not integrated. There’s no support for third-party apps in the car, and it isn’t going to happen without a fully integrated solution.

    I understand why this would be useful, but it’s such a limited use case that I can’t see Tesla spending time on it.
  • > @EVRider said:
    > The 2FA option for the app requires a third-party 2FA solution, so it’s not integrated. There’s no support for third-party apps in the car, and it isn’t going to happen without a fully integrated solution.
    >
    > I understand why this would be useful, but it’s such a limited use case that I can’t see Tesla spending time on it.

    Tesla could just this this into a software update and allow customers to supply their own USB tokens.

    https://github.com/solokeys/solo

    Only requiring it to disable certain security features would make sense. I use a Yubico to log into my bank and would never keep as much in there as what one of these cars are worth. 🤷🏻‍♂️
  • Tesla could do it, but they won't. 🙂
Sign In or Register to comment.