FYI everyone, you can install an authenticator app (like KeePassXC) on your laptop, so you don’t need to use your phone.
polite leftists make more leftists
☞ 🇨🇦 (it’s a bit of a fixer-upper eh) ☜
more leftists make revolution
- 0 Posts
- 2 Comments
Joined 1 year ago
Cake day: March 2nd, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
TOTP ≠ MFA.
The purpose of TOTP is to use 1-time codes instead of (or in addition to) passwords, and doesn’t require multiple devices.
The purpose of MFA is to ensure the user uses multiple devices to log in. In practice, MFA isn’t usually implemented correctly, as it only requires a phone and no other device to log in, so it’s not true MFA. MFA is sometimes implemented with RFC 6238 (TOTP), but for example getting a text message or email with a log-in code is not that.
Your password manager should use a secure password so that attackers can’t get into it. It’s more secure than a phone, which often use few-digit passwords or, god forbid, fingerprints or face scans to unlock.