|
|
|
|
|
|
by TheSwordsman
935 days ago
|
|
|
So as I mentioned in another comment, it's not entirely security theater. If the site enforces that an MFA token is truly one time use, then this can prevent replay attacks of your credentials being used to create a new session. If someone compromised your password store, then yeah it's all over. But if the compromise happens elsewhere, it can be a useful layer to the security onion. |
|
|