Re: mobile phone + password = 2 factor auth?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Di Mai 26 2009, Seth Vidal wrote:

> If someone steals my phone - then they can get the txt msg but they can't
> get my password that only I know.
>
> If someone gets my password they have to steal my phone or hijack my txt
> msgs to get the other bit.
>
>
> So, how is this better/worse than any other 2factor auth?

If someone has only temporary access to your phone, it is a lot easier to 
tamper it and give it back to you, without you noticing it. Hardware tokens 
are normally more tamper proof and are not easy to be cloned. Therefore the 
attacker has to be in posession of the token at the time of the login. Thefore 
you can be sure that nobody else is logging in as you as long as you have the 
tokens in your hand.

Regards
Till

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux