“2-factor Auth, now with Easy Bluetooth Pairing” also, now with patented “missing the point” of 2-factor. https://www.authy.com/thefuture
@Authy Sorry guys, but tying together the two factors so I need to compromise only 1 is kind of goofy.
-
-
@dguido What you mean tying the 2 factors? The bluetooth only gets the generated tokens not the keys. -
@Authy and generated tokens are what you need to login to the remote service, right? -
@dguido if someone compromised your Computer and they were able to connect to your phone via bluetooth they could get a valid token. -
-
@randomoracle@dguido True. Session should be encrypted and protected via channel binding http://www.browserauth.net/channel-bound-cookies … - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.