Difference between revisions of "Talk:2522: Two-Factor Security Key"

Explain xkcd: It's 'cause you're dumb.

Revision as of 13:10, 30 September 2021


There are 2FA USB keys (WebAuthn, FIDO2, U2F) such as https://shop.nitrokey.com/shop/product/nk-fi2-nitrokey-fido2-55 with a hole to attach a keychain - and the item in the last panel looks a bit like such one. Bmwiedemann (talk) 03:48, 30 September 2021 (UTC)

First thing that comes to mind when someone mentions a 2FA security key. 100% most certainly what they are talking about. yubikey/fido2 being the ones that popularized it iirc 172.69.71.177 04:41, 30 September 2021 (UTC)
Yeah, yubikey definitely comes to mind. I wouldn't call 2FA on a phone a 2FA "Key". Perhaps you could call the generator secret a (cryptographic) key, but I don't think that's what this comic is talking about. Jeffkmeng (talk) 06:56, 30 September 2021 (UTC)

2FA tokens are actually quite often physical keys that fit on a keychain and produce a secret number to input for authentication. It is only recently that such 2FA key generators have moved into phones. Here is one example: https://en.wikipedia.org/wiki/RSA_SecurID Adron1111 (talk) 06:41, 30 September 2021 (UTC)

The joke here isn't 2FA key vs tumbler-and-pin key, the joke is that all of the configuration pain he's talking about isn't setting up the key to work with his computer or various sites (which one might expect when introducing a new, non-tech-savvy user to 2FA), but rather getting the key onto his keyring. 172.69.34.67 07:22, 30 September 2021 (UTC)

Haven't put this in the text (I added some practical "what you know/have/are" stuff, from my own past experience) but I first thought it was that two actual factors are now on the keyring (insecurely, as per the current last para?). A 'have' item is obviously there, of whatever form, but now (unless it's a second 'have', supposed to be separate) there is also somehow a 'know' one (cf. those people who have scrawled their bank-card PINs onto their bank-cards, entirely negating that particular safety-factor) or an 'are' one (bits of fingerprint? blood samples?). Possibly now impossible to use (if not trivially easy to co-steal). Plus, remember that data security has two faces: 1) Only those authorised may access/change data; 2) Those who are authorised should not be deprived of this ability. It is commonly the second that requires a second factor (separate email/phone contact) to get around problems with the first (forgotten password), though it isn't really an everyday 2FA application, just a backup 1FA method (as with "Name of first pet", etc). 172.70.34.191 10:14, 30 September 2021 (UTC)

My immediate take was that Ponytail was being sarcastic . . . . 172.70.130.209 10:53, 30 September 2021 (UTC)

wow you guys finished the explanation already? nice