0

Shares

News site default image

2 factor authentication: should you do it or not?

Shared by News Feed | 0 0 0 | about 3 months ago

NIST has not been recommending SMS OTP 2FA for a while precisely because of SMS inbox takeovers, MITM attacks, etc. https://www.schneier.com/blog/archives/2016/08/nist_is_no_long.html Most IDaaS vendors, Duo, etc. offer geofenceable push notification mobile app tokens with OTP generators for offline use. Almost all (except RSA) have OATH, TOTP, and HOTP compatibility, so that you can use VendorA’s […] …read more

Read More On

Categories federal

Links


0 Votes

You must log in to post a comment

0 Comments