“2-factor Auth, now with Easy Bluetooth Pairing” also, now with patented “missing the point” of 2-factor. https://www.authy.com/thefuture
@Authy and generated tokens are what you need to login to the remote service, right?
-
-
@dguido if someone compromised your Computer and they were able to connect to your phone via bluetooth they could get a valid token. -
-
@randomoracle@dguido True. Session should be encrypted and protected via channel binding http://www.browserauth.net/channel-bound-cookies … - 1 more reply
New conversation -
-
-
@dguido More on our reasoning here: http://blog.authy.com/thefutureThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@dguido But BT is optional. The goal is to get non 2FA users to adopt two-factor. Theres no point on having great security if no one uses itThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.