by tzmudzin
1376 days ago
> I store both passwords and 2FA in an automated software.

This effectively reduces the 2nd factor to the first, and indeed produces the diminishing return. It's sufficient to hack one system using one method and you compromise both defenses. The point behind 2nd factor is to provide a second, *independent* layer of protection that would need to be compromised using an entirely different attack. In the case of the FIDO2 dongles, including the YubiKeys, the secret isn't even stored on your system, but on the device itself that doesn't even disclose it to your connected system.
But yes, recently I have seen people use password managers that really do both in one single piece of software (a browser extension).
I have a few U2F hardware devices; they are convenient when set up and plugged in, rather inconvenient otherwise :/