Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Jul 2016 17:10:33 +0200
From: "" <>
Subject: Re: 2-Factor vs Authentication

On 07/02/2016 04:47 PM, Yoha wrote:
> Definitely agree with the most common form of 2FA.

the emphasis is:
the most common variant of any "new technology"
advocated for by the major market players
with a choir of "experts" and "gurus"
is always a very harmful piece crap,
guaranteed to compromise users security;
and the populus plays along happy and trustful.

> This is why actual
> [OTP](
> are much better than confirmation codes sent to phone numbers/mail
> addresses. In particular,
> [TOPT](
> are very easy to use, more secure than confirmation codes, *and* much
> faster (there are sometimes delays of a few minutes before the
> confirmation codes is received). Additionally, they allow better
> flexibility (e.g. when using multiple phones).

in other words, the second factor is defined here as:
preshared piece of software.

seems ok, but i am devoid of any deep insight on that.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.