Multi-factor auth

[Singletracker]

Certainly something that doesn’t have 11 exterior cameras

Nobody said car thieves were smart.

Sponsored

 

[Singletracker]

Okay, here’s my question. Which security system is more effective in the real world?

1 - A very secure system (MFA), that is cumbersome, requires the presence of a phone and third party verification, AND which few will ever use.

OR-

2 - An owner chosen PIN system that may be a bit less secure, but would be more convenient and likely actually see wide spread adoption?

Of course, hiring a round the clock security guard to accompany your Rivian, at all times, could really be the ticket C’mon, KISS!

 

[godfodder0901]

Okay, here’s my question. Which security system is more effective in the real world?

1 - A very secure system (MFA), that is cumbersome, requires the presence of a phone and third party verification, AND which few will ever use.

OR-

2 - An owner chosen PIN system that may be a bit less secure, but would be more convenient and likely actually see wide spread adoption?

Of course, hiring a round the clock security guard to accompany your Rivian, at all times, could really be the ticket C’mon, KISS!

Yeah, this is a no brainer. 2 all day long.

In the security world, there's always a tendency to say that the most secure solution is the best. But like you said, a super secure solution that nobody uses is just as secure as no solution.

 

[tate16t]

Rivian needs to offer a backup. Businesses that use MFA offer a way to call a support desk. Or, maybe Rivian can allow you to opt-out one device/card/keyfob etc. so that you have a backup?

I won’t go into why a 4 digit PIN is not secure, I think we all agree on that. We just want an option with no lockout risk.

 

[Singletracker]

Why does it have to be a 4-digit PIN? Where the heck did this 4-digit fixation come from anyway? If a person is using a PIN, for anything important, like a phone, they should be using a longer PIN, possibly even alpha-numeric. I use an 8-digit PIN on my devices. If Rivian were to offer a PIN option, it should be up to the owner what that PIN will be and how many digits it will include.

 

[tate16t]

Why does it have to be a 4-digit PIN? Where the heck did this 4-digit fixation come from anyway? If a person is using a PIN, for anything important, like a phone, they should be using a longer PIN, possibly even alpha-numeric. I use an 8-digit PIN on my devices. If Rivian were to offer a PIN option, it should be up to the owner what that PIN will be and how many digits it will include.

Teslas only allow a 4 digit. 8 is better but still not as secure.

 

[mkhuffman]

Rivian needs to offer a backup. Businesses that use MFA offer a way to call a support desk. Or, maybe Rivian can allow you to opt-out one device/card/keyfob etc. so that you have a backup?

I won’t go into why a 4 digit PIN is not secure, I think we all agree on that. We just want an option with no lockout risk.

I ordered a cheap Samsung phone ($80) that is on Android 14 with a few years of Android upgrades included. I will put PaaK on there, turn it off (with Knox password encrypted) and then store it in my truck in case something happens to my primary phone. I carry the card key in my wallet so I can use that to get into the truck and access the backup phone.

 

[COdogman]

Rivian needs to offer a backup. Businesses that use MFA offer a way to call a support desk. Or, maybe Rivian can allow you to opt-out one device/card/keyfob etc. so that you have a backup?

I won’t go into why a 4 digit PIN is not secure, I think we all agree on that. We just want an option with no lockout risk.

I think I understand your point, but the lockout is the protection. If you make it too easy to avoid it or clear it, then it’s basically pointless.

 

[socaladam]

Nobody said car thieves were smart.

Professional car thieves will just tow your R1, put it in a shipping container and sell the parts while overseas.

So much for MFA.

 

[Singletracker]

Professional car thieves will just tow your R1, put it in a shipping container and sell the parts while overseas.

So much for MFA.

All the more reason to hire a full time security guard to keep an eye on your Rivian

 

[socaladam]

All the more reason to hire a full time security guard to keep an eye on your Rivian

Or just pay for insurance.

 

[bigsky]

I have never lost my phone. I have, however, dropped it and destroyed the screen, making it impossible to use. In that situation, I would have been prevented from driving the truck since there would be no way to confirm the drive on the phone. So I will concede that is a valid concern.

But it has only happened to me once in my entire life. Once.

You hate it, obviously. I don't. I like it and I will continue to use it.

I am probably going to buy a second phone and lock it inside the center console for emergencies. It will be password protected, and turned off, except when I really have an emergency - like has only happened once before in my entire life. Once. But I do like the idea of having that backup.

Getting a backup phone to keep stashed away in case something happens to yours. I believe you also have conceded, albeit not admitedly, that this idea of relying on third-party hardware truly is a dumb implementation. I should not need to buy anything else to feel reassured about using this feature. It should need nothing else but the car tech for it to work. It matters not whether you may lose your phone or if you ever do. The fact of the matter is that should it happen, you may be SOL. And that is what makes this a dumbass, WTH, WTF were you thinking, Rivian.
Not so much that I do not like it. It is rather that this dumb implementation really is a ticking bomb.

 

[bigsky]

Or just pay for insurance.

Indeed. That's what auto insurance is for, and no auto insurance ever should give you a discount on this idiotic, dumbass impementation. Indeed, it should jack up your rates more for it.

 

[mkhuffman]

I set up the second phone today and it works just like my primary phone. Both phones show the MFA alert, and I can tell the truck I am ready to go on either one. Rock and roll! Once all the software updates are done on my second phone, it will be turned off and stowed away in my truck, just in case the one in a lifetime event occurs.

And even cooler, I noticed an alert on my Garmin watch. I was able to authenticate the drive by selecting the "Allow" response on my watch. Awesome!

The only problem is the alert does not show up every time on my watch. If Rivian can get the alerts to be more reliable, I won't even need to open my phone to start the truck. For now, I have to open the Rivian app to get the alert to pop up.

 

[bigsky]

I set up the second phone today and it works just like my primary phone. Both phones show the MFA alert, and I can tell the truck I am ready to go on either one. Rock and roll! Once all the software updates are done on my second phone, it will be turned off and stowed away in my truck, just in case the one in a lifetime event occurs.

And even cooler, I noticed an alert on my Garmin watch. I was able to authenticate the drive by selecting the "Allow" response on my watch. Awesome!

The only problem is the alert does not show up every time on my watch. If Rivian can get the alerts to be more reliable, I won't even need to open my phone to start the truck. For now, I have to open the Rivian app to get the alert to pop up.

Make sure you keep your watch with you, and your backup phone with you as well. Such a stupid, asinine absurdity of an implementation. To rely on third-party devices. Truly sad.

Sponsored