Editing Talk:2677: Two Key System
Please sign your posts with ~~~~ |
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 12: | Line 12: | ||
"This could also be something of a reference to ‘two factor authentication’ a security annoyance which also requires ‘two keys’ (typically something from a dynamic physical token, as well as the static password which is susceptible to unauthorised reuse) that was adopted by more secure websites." - a stretch too far, IMO. This is a situation that has never gone from 'two keys' to 'one key (operator)' and back to 'two keys'. If anything, it might have been 2FA(password + token)->2FA(browser/password-manager + token), or even 1FA(password)->1FA(browser/whatever)->2FA( +token) for the slower/earlier adopters who had not originally worked out the token element. I've commented it out, because it isn't a good enough fit to really fit the analogy presented. Unless one of the other experts here can radically fix it to do so. | "This could also be something of a reference to ‘two factor authentication’ a security annoyance which also requires ‘two keys’ (typically something from a dynamic physical token, as well as the static password which is susceptible to unauthorised reuse) that was adopted by more secure websites." - a stretch too far, IMO. This is a situation that has never gone from 'two keys' to 'one key (operator)' and back to 'two keys'. If anything, it might have been 2FA(password + token)->2FA(browser/password-manager + token), or even 1FA(password)->1FA(browser/whatever)->2FA( +token) for the slower/earlier adopters who had not originally worked out the token element. I've commented it out, because it isn't a good enough fit to really fit the analogy presented. Unless one of the other experts here can radically fix it to do so. | ||
<br />I don't personally use third-party PMs (either it's safe enough to just let the browser manage it, for convenience, or I actually remember all the individual passwords for things and untick any "Save password?" suggestion it gives me) so I also don't know how much 2FA is built into them in order to authorise them to "dual-key turn" (or if they even turn more than the one key, in any logical way), if you don't count the use of the installed PM itself as a virtual "possession" factor somehow. And I don't bank online, because I've never seen the advantages outweigh the potential problems. [[Special:Contributions/162.158.159.19|162.158.159.19]] 18:51, 27 September 2022 (UTC) | <br />I don't personally use third-party PMs (either it's safe enough to just let the browser manage it, for convenience, or I actually remember all the individual passwords for things and untick any "Save password?" suggestion it gives me) so I also don't know how much 2FA is built into them in order to authorise them to "dual-key turn" (or if they even turn more than the one key, in any logical way), if you don't count the use of the installed PM itself as a virtual "possession" factor somehow. And I don't bank online, because I've never seen the advantages outweigh the potential problems. [[Special:Contributions/162.158.159.19|162.158.159.19]] 18:51, 27 September 2022 (UTC) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |