Search Results
7/23/2025, 2:54:23 PM
>>105994880
>How exactly does this increase security?
It doesn't unless it is hardware 2FA and uses a correct implementation of FIDO2
the recent article that FIDO2 is insecure used a faulty implementation with QR and a lot of non spec features that you shouldn't have
2FA is a a bulletproof vest for companies. there I said it. it is shifting the blame to the user.
>oh you got hacked?
>you must have given the hacker a TOTP code
>we will not cover this issue with our corporate insurance
that's what 2FA is 90% of the time
the real 2FA that works and is safe, thats a solo/nitro/yubi key with FIDO2
essentially much like an SSH key stored in a hardware module to do handshakes only if the sever matches known hosts
>How exactly does this increase security?
It doesn't unless it is hardware 2FA and uses a correct implementation of FIDO2
the recent article that FIDO2 is insecure used a faulty implementation with QR and a lot of non spec features that you shouldn't have
2FA is a a bulletproof vest for companies. there I said it. it is shifting the blame to the user.
>oh you got hacked?
>you must have given the hacker a TOTP code
>we will not cover this issue with our corporate insurance
that's what 2FA is 90% of the time
the real 2FA that works and is safe, thats a solo/nitro/yubi key with FIDO2
essentially much like an SSH key stored in a hardware module to do handshakes only if the sever matches known hosts
Page 1