|
|
|
|
|
|
by Reelin
2132 days ago
|
|
|
I don't think this sort of security trumps everything else approach is a valid line of argument. Surely there are tradeoffs to be made, and surely one size doesn't fit all. As to phishing in particular, I don't agree that the issue is a lack of willingness to design resistant systems or a misguided assignment of blame. I think it's because solving that problem at scale in the real world is (or at least was) legitimately difficult. The vast majority of people in the world don't carry a YubiKey on them and probably won't any time soon. There are even users in the US that still don't have reliable access to a mobile phone! A product that doesn't work for the actual users simply isn't viable. |
|
|