Y
Hacker News
new
|
ask
|
show
|
jobs
by
leokennis
2893 days ago
I’d say that a separate phone app with MFA codes that are only stored offline qualifies as a second factor, as you need both the phone and it’s access code (fingerprint etc.) to see the code.
1 comments
Spooky23
2892 days ago
It
can
, but users have the ability to undermine those controls in many cases via Authy, 1Password, etc.
link