On Wed, 6 May 2020 12:03:41 -0400 Doug <[email protected]> wrote:
> Am I wrong to presume everyone here uses 2-factor authentication? Probably. To be nit-picky, common 2FA is actually 2SV (two-step verification). 2FA collquially is something you know plus something you have like an ATM PIN and the matching card. Authenticator applications are 2SV which are two forms of something you know: your password and a code which can be revesed by someone who knows the device identification information and the initial handshake timings. Given the difficulty of obtaining the information backing the code generation most 2SV authenticator applications are good enough for general use, but they are not 2FA. Less nit-picky, plenty of sites out there don't support 2FA or 2SV. Therefore not all of us use these all the time. > Yubikey is that, plus it has software that does try to figure out if > the servers being contacted are the right ones, and not ones that > just look right to a casual observer. Mine aren't and don't. There are a variety of different Yubikeys with different capabilities. Likewise Nitrokey. -- Rich Pieri _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
