Kilian Hanich via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> writes: > One could argue that the "password manager file" is the "something you > have" thing. No, one cannot. The three factors in security are: 1. Something you know, which means other people do NOT know it. It exists in your brain and nowhere else. 2. Something you have, which means nobody else can also have it. It can be held in your hand or stolen but there are not two of them. 3. Something you are, like your retina, fingerprints, DNA, weight, etc. Something that another person cannot "be". Putting 2FA on your phone is grudgingly accepted because your phone is "something you have". You don't "have" the app, you "have" the phone. You can't share your phone with someone else, and you'll notice if your phone is stolen. The "password manager file" can be copied, so it can't be "something you have" because someone else could have a copy too. The password for that file might be "something you know" though, and the file might exist on "something you own", but the file itself isn't a security factor. -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
