Also it's possible to use gopass which is able to store the OTP seed secured by
GPG and keep the GPG keys on a Yubikey to ensure their safety.
Best,
Fale
On Mon, Feb 21, 2022, at 11:03, Björn Persson wrote:
> Adam Williamson wrote:
> > However, it supports Google Authenticator-style OTPs. Folks
Adam Williamson wrote:
> However, it supports Google Authenticator-style OTPs. Folks
> with infra privileges on their accounts (like me) are already required
> to use these. It works fine. I preferred being able to use a yubikey so
> I don't always have to open an app on my phone and retype a six
Demi Marie Obenour wrote:
> Security keys are the only form of 2fa that is immune to
> phishing attacks.
U2F and FIDO2 are said to be immune to phishing. HOTP, TOTP and various
proprietary challenge-respone protocols are not immune.
Björn Persson
pgp_7IhtLa4JI.pgp
Description: OpenPGP digital
