undefined | Better HN

0 pointstsimionescu3y ago0 comments

Are these used in conjuction, or any one will do? If it's the former, it seems like it would make the problem of loss worse. If it's the latter, then it seems you've offered a variety of ways that someone can access your systems - steal a key, copy biometrics, guess the phone password etc. - the weakest one will do.

0 comments

bluedino3y ago

You only need to use one. You need a PIN to use any of the devices as well.

hn_throwaway_993y ago

Only needing one means you have the "lowest common denominator" of 2FA. E.g. authenticator apps are vulnerable to phishing, while FIDO keys are not. Adding FIDO key as an optional second factor doesn't really add much security if people can still be phished using a MITM attack using the authenticator TOTP.

j / k navigate · click thread line to collapse

0 pointstsimionescu3y ago0 comments

0 comments

bluedino3y ago

You only need to use one. You need a PIN to use any of the devices as well.

hn_throwaway_993y ago

j / k navigate · click thread line to collapse