On 20.01.2024 20:52, Chris Adams wrote:
> Once upon a time, Tim <ignored_mailbox@xxxxxxxxxxxx> said:
>> That's one of my gripes about two-factor authentication - it (typically) uses your phone. Steal someone's phone, and it's everything they need to pretend to be you.
>
> That's going to be true of any second-factor device. In theory, MFA is "something you know plus something you have", but we use too many passwords to "know" them all, so we use password managers.

password managers/safes are ok as long as they are independent from the device used for login ...

> Then the "know" is just one password manager master password... but the "have" is often stored in the same password manager (because where else are you going to store it?).

a tip: don't store the whole password; e.g. use the stored passwords plus something short only in your head; it might be the same for all used passwords; 3 or 4 signs are enough, e.g. '#A7x'

I know, if doing like this, the password manager isn't simple any more; but as always said: simplicity and security don't go together;
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue