Hacker News
by duijf 1583 days ago
From a corporate perspective: 2FA would still force a unique secret per user. That can be useful when your users tend to reuse passwords for different sites or choose poor ones.

I have seen folks use password managers to store their poor non-autogenerated passwords.

For users that do use the PW manager properly, having the PW manager store the TOTP secrets is indeed "putting all of your eggs in one basket".