|
|
|
|
|
|
by Arnt
1550 days ago
|
|
|
The ability to copy 2FA enables a big attack — elevating brief access into permanent. Someone borrows your phone for a minute and after that has permanent access. I think the best we can do is to have 2FA that can't be copied and recovery that's difficult to reach for an attacker. Google suggested using an app on the phone for 2FA and a piece of paper for recovery. |
|
|