undefined | Better HN

0 pointscortesoft5y ago0 comments

The problem is that every new source of identity added is another new attack vector. If there are 10 different ways for me to prove I am who I say I am, it only takes a security flaw in one for my account to be compromised.

0 comments

Thorrez5y ago

If you set login to require 3/10 then 3 of those ways would need a security flaw before your account is compromised.

r3muxd5y ago

and then you'd need 3 factors just to log in, let alone any additional MFA those have

Thorrez5y ago

Yeah, I guess it could be inconvenient. On the other hand for many things I don't need to log in very often due to cookies keeping me logged in.

j / k navigate · click thread line to collapse

0 pointscortesoft5y ago0 comments

0 comments

Thorrez5y ago

If you set login to require 3/10 then 3 of those ways would need a security flaw before your account is compromised.

r3muxd5y ago

and then you'd need 3 factors just to log in, let alone any additional MFA those have

Thorrez5y ago

Yeah, I guess it could be inconvenient. On the other hand for many things I don't need to log in very often due to cookies keeping me logged in.

j / k navigate · click thread line to collapse