[members-discuss] two-factor authentication mandatory
Oleksij Samorukov
samm at net-art.cz
Thu Jan 11 14:55:32 CET 2024
On 2024/01/11 14:48, Mark Janssen via members-discuss wrote:
> On Thu, 2024-01-11 at 14:35 +0100, Mike B wrote:
>> My rationale for this is that some organisations do not allow phones
>> within the office, nor have any Apps available to install on their
>> systems. Perhaps a more generic scenario is if a phone is out of
>> battery. I'm sure you can appreciate while I am in favour of MFA I
>> think this must be in a different format.
>
> TOTP can be done without phones or phone apps... it just needs the
> shared secret and a HMAC function, this can be done via various
> password-managers, simple python-scripts, your Ti-81 calculator or any
> number of other methods.
>
> I would advise against any form of e-mail 2fa, as this really reduces
> it to a single-factor (with password-resets via email).

BTW, TOTP is supported by a recent YubiKey, so you can use it as a hardware token as well. But +1 for FIDO2 implementation, it is a very popular standard with many implementations on the market. And it should be easy to implement on the backend/frontend side, implementation is very straightforward with many examples all-around.

--
Oleksij Samorukov