Mario, I accept your formal definition here of multi-factor, it is helpful. Clearly if the alternative factors come from two or more substantially difference sources it contributes to the security. If however I use the common English meaning of factor, "a circumstance, fact, or influence that contributes to a result", it would be fair to consider what I said as correct, the user must supply more than one "password", in this case one to access the internet resource then one to decrypt the content of that resource, in the additional case of the database connector, this value will be stored inside the decrypted TiddlyWiki's session in your browser (not on across the internet), but It could be passed in a secure database connection.
However separately from this argument surely it is possible to simply bolt on a 2 factor authentication in place of the first password to an internet resource? Regards Tony On Saturday, December 8, 2018 at 1:49:41 AM UTC+11, PMario wrote: > > > On Friday, December 7, 2018 at 12:38:53 PM UTC+1, TonyM wrote: > ... > > If you place a tiddlywiki in a secure folder, with a long password on >> https and then use the encryption in tiddlywiki you would be using two >> factors. >> > > No offence intended. - Technically, this is only 1 factor 2 times > > Multi-factor authentication is defined as: > > 1) something the user and only the user *knows* > 2) something the user and only the user *has* > 3) something the user and only the user *is* > > add 1) eg: password > add 2) eg: usb-token > add 3) eg: fingerprint > > Pros and Cons are discussed in detail here: > https://en.wikipedia.org/wiki/Multi-factor_authentication > > IMO The main problem is convenience and cost. Workflows, that create > "real" security will cost something. That's a fact! ... At the moment our > society trades convenience for security and cost. > > Everything needs to be free (as in free beer). > > In my opinion this mentality has to change. It's OK to use free (as in > free speech) software / tools. ... But we need to become aware again, that > our security will cost us something. Either convenience or money. > > Just some rants > have fun! > mario > -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywiki. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/e6dbb792-0257-485d-8ed0-9423c116ca48%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
