Re: How do I read result of a QR Code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/20/24 13:08, Walter H. via users wrote:
On 20.01.2024 20:39, Tim via users wrote:
On Sat, 2024-01-20 at 20:00 +0100, Walter H. via users wrote:
buy an iPhone ...

exact this what you want is the other way of it sense;

2FA = 2 Factor Authentication

example you login on a site, there you have the knowledge of

user and password

and then the 2nd factor, which is a OTP

when you really do this with your fedora, then there is NO 2nd factor,
because when your fedora gets compromised, the 2FA gets compromised, too
That's one of my gripes about two-factor authentication - it
(typically) uses your phone.  Steal someone's phone, and it's
everything they need to pretend to be you.

not really, because, the knowledge of user and password is somewhere else;

so neither the person who stole your phone (the 2FA device) nor you are able to login;

you should not use the phone as all in one:
- the login device,
- the 2FA device and also
- the password manager device

https://docs-prv.pcisecuritystandards.org/Guidance%20Document/Authentication/Multi-Factor-Authentication-Guidance-v1.pdf

You have to pick two of the three below.

a) Something you know, such as a password or passphrase. This
method involves verification of information that a user
provides, such as a password/passphrase, PIN, or the answers
to secret questions (challenge-response).

b) Something you have, such as a token device or smartcard. This
method involves verification of a specific item a user has in
their possession, such as a physical or logical security
token, a one-time password (OTP) token, a key fob, an
employee access card, or a phone’s SIM card. For mobile
authentication, a smartphone often provides the possession
factor in conjunction with an OTP app or a cryptographic
material (i.e., certificate or a key) residing on the device.

c) Something you are, such as a biometric. This method
involves verification of characteristics inherent to the
individual, such as via retina scans, iris scans, fingerprint
scans, finger vein scans, facial recognition, voice
recognition, hand geometry, and even earlobe geometry

--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux