by Spivak
962 days ago
TOTP is just PAKE with a funny way of writing the password. We tricked people into using actually secure passwords and password managers by calling it 2FA and devising a scheme where the human does the challenge and the server necessarily must keep that part of the password in plaintext, but in exchange the user doesn't have to type out the long part of the password every time.

PAKEs do significantly more; in particular, they are MITM resistant (unlike TOTPs) and provide mutual authentication.
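
Added example, not written by either commenter: a minimal RFC 6238 verifier in Python showing the two properties discussed above. The server can store a password as a one-way hash but must keep the TOTP seed recoverable, and the TOTP check takes only a code and a clock, with nothing binding the code to the connection it arrived on. The `Server` class, its field names and the sample user are constructed for illustration; the seed is the RFC 6238 test seed.

```python
import hashlib
import hmac
import os
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1. Computing it requires the raw seed."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class Server:
    """Constructed toy verifier for illustration, not a production design."""

    def __init__(self):
        self.pw = {}     # user -> (salt, PBKDF2 output): one-way, password not recoverable
        self.seeds = {}  # user -> raw TOTP seed: must stay recoverable to recompute codes

    def enroll(self, user: str, password: bytes, seed: bytes) -> None:
        salt = os.urandom(16)
        self.pw[user] = (salt, hashlib.pbkdf2_hmac("sha256", password, salt, 100_000))
        self.seeds[user] = seed

    def check_password(self, user: str, password: bytes) -> bool:
        salt, stored = self.pw[user]
        candidate = hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)
        return hmac.compare_digest(stored, candidate)

    def check_totp(self, user: str, code: str, now: int, drift: int = 1) -> bool:
        # The only inputs are the code and the clock. No session, origin or
        # channel value enters the HMAC, so the check cannot tell which
        # connection delivered the code. A PAKE derives its proof from the
        # exchange itself, which is what gives it the binding TOTP lacks.
        seed = self.seeds[user]
        return any(
            hmac.compare_digest(code, totp(seed, now + d * STEP))
            for d in range(-drift, drift + 1)
        )

if __name__ == "__main__":
    seed = b"12345678901234567890"               # RFC 6238 Appendix B test seed
    srv = Server()
    srv.enroll("alice", b"correct horse", seed)  # constructed sample account
    print(totp(seed, 59), srv.check_totp("alice", totp(seed, 59), 59))
```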