[GTALUG] blackmail
D. Hugh Redelmeier
hugh at mimosa.com
Mon Aug 6 16:07:23 EDT 2018
| From: D. Hugh Redelmeier via talk <talk at gtalug.org>
| Single-sign-on makes multi-factor authentication more feasible. I don't
| trust the monopoly power of single-sign-on providers. And I don't
| trust the resulting "one compromise to rule them all" ecosystem. And
| I'm not attached at the hip to a mobile phone (SMS is the usual second
| factor for consumers).
reddit got compromised when their second factor was carried by SMS:
<https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/>
More information about the talk
mailing list