rc3.org

Strong opinions, weakly held

The problems with two-factor authentication

Two-Step Verification Dances Around the Issue

Andrew James for PandoDaily on weaknesses of two-factor authentication. I have two nits to pick with his article. First of all, Google has an app you can use to furnish your authentication code on your smart phone. There’s no need to rely on receiving a text to get your code. Secondly, human factors will always be the greatest security weakness. The goal is to minimize their impact.

1 Comment

  1. I switched to the Google two-factor auth as soon as the iPhone app shipped. The major annoyances for me are setting up a new app on a mobile device that needs access to my Google account or setting up a new device entirely. After that, the 1-time “legacy” passwords never expire and the browsers get 30 days of being remembered. I realize it isn’t perfect, but it’s better than what I typically use for passwords.

Leave a Reply

Your email address will not be published.

*

© 2016 rc3.org

Theme by Anders NorenUp ↑