pull down to refresh

14 sats \ 5 replies \ @zuspotirko 12 Jul 2024 \ on: Second Factor SMS: Worse Than Its Reputation security
I agree stat sms is a horrible second factor.
However, just doing a second https connection just uses the exact same technological implementation as the first factor. It's still the best/ most advisable thing to do.
Best would be if we finally implemented TLS encryption over phone network that are outside of internet/cellular. I doubt that will ever happen tho. Mankind will abolish POTS infrastructure in favor of VoIP completely before we implement TLS on POTS.
write
preview
55 sats \ 4 replies \ @Bell_curve 12 Jul 2024
Authenticator is more secure than sms?
reply
34 sats \ 3 replies \ @kepford OP 12 Jul 2024
Using an open source OTP app like Aegis is far better than SMS.
Avoid Google Auth
reply
55 sats \ 0 replies \ @Bell_curve 18 Jul 2024
Thanks for the recommendation
reply
0 sats \ 1 reply \ @TNStacker 12 Jul 2024
How about Cisco Duo? My employer likes them.
reply
34 sats \ 0 replies \ @kepford OP 13 Jul 2024
I wouldn't consider a closed source option. Not familiar with Cisco Duo. It may be fine but I always look for FOSS options.
reply