|
|
|
|
|
|
by einichi
1293 days ago
|
|
|
For keys used in authentication, I feel like rotation largely just protects against keys being leaked. If you can enforce keys to exist only on a secure element then to me I feel like rotation is no longer needed in this particular scenario. With the exception of the key strength no longer being enough or something similar. Perhaps I'm overlooking something? |
|
|
Do non-technical users know how to operate a secure element? Is that an encrypted home drive on a laptop protected by a weak password?
I appreciate your input, but I still think 2FA is the most secure and usable method for non-technical people. Of course, no SMS (at least outside the US).