Hacker News
by Spooky23 3465 days ago
That's a feature of "something you have" auth.

We had a business problem several years ago where a population of users who didn't need individual access control needed controlled access to a system based on where they were and if they were assigned a specific task.

The solution was an RSA token mapped to a device-specific user account. The single auth factor was the rotating code.

The upside of this is that we got to control access to a system potentially available to the public in an environment with high turnover and other operational challenges. The downside is that whoever possessed the token (picture an old-style bathroom key tied to a big stick) could access the system.

Your thumb is that token. If you need more identity assurance, you need more factors or a protected secret. iPhone offers the latter. If your opponent is someone with subpoena power, you need to think about what and why you're doing stuff on your phone.