It doesn't work. The problem we have is that passwords can be phished, the solution to that is not to add a second phishable password called a "token". Is it better than nothing? Eh, in the unlikely event that you're a password re-user but not vulnerable to phishing, I guess?
-
-
This Tweet is unavailable.
-
Yeah, why not? Phishing and credential theft is a problem, U2F is a perfectly reasonable solution. It doesn't solve all problems, but it does solve the ones it aims to.
- 1 more reply
-
-
-
As you like locks so much, let me ask you this: If I came to you and told you my lock keeps getting picked, and I want to prevent that - is it good advice to just add a second pickable lock, or is that bad advice that will give me a false sense of security?
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.