|
|
|
|
|
|
by ggm
2340 days ago
|
|
|
The flaw is in number porting. Your phone number is not adequately identifying because social engineering attacks can cause it to move. If the device secure zone integrated with a google auth app or OKTA then for Data, I think its a good choice. But SMS is not about that: its about the attack on the integrity of your ownership of routing of the number to "you" I suppose I am saying that with a trusted zone, and a secure credentials store on the device, I too would have expected google authenticator to be built-in to the google pack. |
|
|