On Wed, 2022-09-14 at 15:49 -0700, Adam Williamson wrote:
> The hardcore way is to say "welp, too bad, your account's gone,
> create a new one and start over, including going through the maintainer
> process again", but that might be a bit *too* hardcore.
>
> This is a perennial issue, though, and the weakest point of the whole
> FIDO2 concept overall, including in the way it's being promoted to a
> mass audience as password-less auth for everything. The official story
> is you should also enrol a backup phone or tablet or something that you
> keep at home, then if you lose your main phone, you can get into the
> system with the backup device, enrol a new main device, and unenrol the
> lost/stolen main device.
>
> But if you *aren't* rich enough to have spare phones/tablets lying
> around the place, or you just manage to lose both, the story is
> basically "you go into an Apple store or call up Google or Samsung etc.
> and somehow convince them you are you and they will then auth a new
> device onto your account". So, awkward squishy human processes again.

To follow up on some of these points, IIRC the weakest chain in the link is alternate factors (SMS is strictly inferior to TOTP for example) and social engineering (poorly trained tech support or they just don't care). A sufficiently advanced attacker may not even have to take over an account to create a legitimate-looking phishing e-mail or phone call. There have been recent stories of hackers having insider knowledge that would normally be difficult to obtain for less sophisticated attackers.

I think the first step would be to create a threat model and then go from there, incorporating all of the points brought up in this thread.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue