Netflix won't use 2FA despite continual user info hacks
2FA stands for "Two Factor Authorization" and since most of the people on here are a bunch of nerds you probably already knew that :P
Netflix is continually slammed by the press and their own userbase for not including this extra step in their product and as someone whose account was recently compromised (along with many other people in Thailand) I can relate to how it makes me feel knowing that my personal information is now in the hands of someone out there and all I can do is hope that the credit card information is protected a little bit better than my login to Netflix was /is.

source
A few days ago my Netflix account was hacked and it is really a scary thing to have something like this happen to you. Although they wont admit it, the leak was on Netflix's end and not due to anything I did and I can't confirm this but due to the fact that many other people I talk to had their accounts compromised at almost precisely the same time can't be a coincidence.
I was thinking that this could easily be prevented by Netflix simply using 2FA and there are actually quite a few articles out there that are suggesting that Netflix is actually endangering a lot of their customers by not doing this. However, after reading some of them, i can understand why they wont do it.
Netflix's financials are not the most stellar in the world. Although this could be creative accounting on their part their income is nothing to get excited about and their stock price has remained stagnant for quite some time despite the fact that they are the largest and most successful company of their sort. Implementing 2FA across all of their platforms would be expensive and perhaps they don't have the money for it.
many people share a Netflix account, sometimes they do this at different households and even in different countries. Imagine if you wanted to watch Netflix, but the base account is your friend's who lives 1000 miles away. Now you can't log in at all until you get this person on the phone to confirm the 2FA code for you.
if Netflix is actually operating just above bankruptcy (as their financials would indicate) they now have the added bonus of tons of emerging competitors such as Amazon and Disney. There are also many smaller companies that are localized such as "I-Flix' in Thailand that costs far less than Netflix does. (I-Flix sucks by the way.)
This 2FA wouldn't stop the sort of hack that affected me anyway. The people who temporarily stole my account didn't do so by guessing my password or intercepting in via my router's WiFi, they hacked Netflix.... the 2FA option would prevent them from actually logging into my account, but it wouldn't stop them from getting whatever information was stolen from Netflix's servers. To be honest with you I am happy they did lock me out of my account so I could take this as an opportunity to change all my passwords on far more important sites.
These are just my observations and are by no means meant to be "facts." Also, if someone does hijack your Netflix, provided they can't get a hold of your financial information such as your credit card, it really isn't dangerous so much as it is a temporary annoyance.
There isn't really anything particularly nefarious that someone could do inside your account. I suppose they could delete your favorite list and you would have to find them again but then again, why would someone take the time to do this?
To listen to the audio version of this article click on the play image.

Brought to you by @tts. If you find it useful please consider upvoting this reply.
2FA is such a pain in the butt if you don't have your phone with you all the time. I understand the need for it and I totally have it enabled on all of my accounts, but there are times when I forget my phone in my office and I need to access my account at a different location and I can't because I don't have my phone. The headache is well worth the extra layer of security though.
If a world wide company can't protect even users' financial infos...
Posted using Partiko Android
It's a lot more common than you think. Equifax, Sony, Target, Adobe, Yahoo, all of them have had large scale, high profile exfiltrations of data in the past 5 years. A lot of the time, it's through no fault of your own. You take all the right security measures, you lock down everything as best you can, and yet...
Some derpdy-doo at corporate clocks on a phishing link, opens a Trojan, and a backdoor starts leaking data to China, Russia, or wherever the malicious actors are bouncing their connections through. "Good luck, I'm behind 7 proxies" is a joke for a reason. These people, if they're good, they cover their tracks. They drop red herrings. Most of 'em aren't, thank God...
Posted using Partiko Android
They could get your credit card number, your address and all the information you entered to set up the account. That is one of the problems with centralization.