Downside of SMS: nation-states own it, etc. But hard for an individual and your phone is password protected. Security key can just be taken.
-
-
Replying to @zeynep
it's just a number you send there and back again. SIM-card app would be nice, if you want the combination of both.
1 reply 0 retweets 0 likes -
Replying to @pinkthingie
I want the "thing you have" to have one more layer of protection.
1 reply 0 retweets 0 likes -
Replying to @zeynep
Smartcards (SIMs, tokens...) can have PINs... proving you can read an SMS feels like a very weak "thing you have".
1 reply 0 retweets 0 likes -
Replying to @pinkthingie
They can have PINs, and they should. They don't now. Add a "thing you know" to the "thing you have."
1 reply 1 retweet 0 likes -
Replying to @zeynep
Sorry, I don't understand this well. There already is a thing you know, your password, the 1 in 2FA. What you mean?
1 reply 0 retweets 0 likes -
Replying to @pinkthingie
Protect "thing you have" with one more layer so that it doesn't become "a thing that can be stolen." Passwords easy to steal.
1 reply 0 retweets 1 like -
Replying to @zeynep
I think you can protect a cellphone quite well if you really want (at expense of convenience). It's not my problem with SMS auth.
1 reply 0 retweets 0 likes -
Replying to @pinkthingie
Not against all threats. Nation-states own the infrastructure. SMS is not "a thing you have."
1 reply 0 retweets 0 likes -
Replying to @zeynep
I should have said I work with ebanking auth, so nation states aren't really a threat in my view. (They could own the bank too.)
1 reply 0 retweets 0 likes
Yeah, that's a whole different game.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.