Date: Sat, 2 Jul 2016 17:10:33 +0200 From: "e@...tmx.net" <e@...tmx.net> To: passwords@...ts.openwall.com Subject: Re: 2-Factor vs Authentication On 07/02/2016 04:47 PM, Yoha wrote: > Definitely agree with the most common form of 2FA. the emphasis is: the most common variant of any "new technology" advocated for by the major market players with a choir of "experts" and "gurus" is always a very harmful piece crap, guaranteed to compromise users security; and the populus plays along happy and trustful. > This is why actual > [OTP](https://en.wikipedia.org/wiki/One-time_password#How_OTPs_are_generated_and_distributed) > are much better than confirmation codes sent to phone numbers/mail > addresses. In particular, > [TOPT](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm) > are very easy to use, more secure than confirmation codes, *and* much > faster (there are sometimes delays of a few minutes before the > confirmation codes is received). Additionally, they allow better > flexibility (e.g. when using multiple phones). in other words, the second factor is defined here as: preshared piece of software. seems ok, but i am devoid of any deep insight on that.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.