Comment on MFA
MSids@lemmy.world 2 months agoApp-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.
Comment on MFA
MSids@lemmy.world 2 months agoApp-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.
Hotzilla@sopuli.xyz 2 months ago
Simple challenge number handles that, for example Azure AD MFA forces that today
MSids@lemmy.world 2 months ago
Those are better, but are also not phishing resistant.