by powersnail 855 days ago
> How is it secure if the only thing an attacker needs is a single method of accessing a single device?

You should have two-factor for your password vault as well, and that TOTP is stored on a separate device.

In other words, you replace the model of having password+TOTP for every account with having one password+TOTP for your password vault, and effectively treat that password vault as an authentication service for yourself.


That's a good idea.

Now I just have to find out how to configure this for passkeys.