On Tue, 26 May 2009, Seth Vidal wrote:
I was changing some settings with my mobile phone company and in order to
change my password they made me use what looks a lot like 2 factor auth:
something I know: my current password
something I have: my phone
I logged in with my current password - then they txt'd me a temporary
password which I had to type in to verify I was me.
Which got me to wondering - if most people have a mobile phone and/or have
access to one - why couldn't we use that as the second factor for our auth?
Now, my question is - what is dangerous/silly about this?
Jeremy mentioned some potential problems on jabber:
1. no guaranteed message delivery time
2. cost structure of sending/receiving a lot of txt msgs.
In both cases I'd be curious how that ends up in practice.
-sv
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
