|
|
|
|
|
|
by tempestn
713 days ago
|
|
|
Another one would be a password change attack. TOTP in 1pw protects you against almost all of the things TOTP normally would, except an attacker somehow gaining access to your vault. But in order to gain access to your vault, they would almost certainly need access to one of your unlocked devices, thanks to the 1pw secret key, which is required in addition to your master pw to unlock the vault on a new device. And if they have that, thrn they would have your second factor even if it were in a separate app. |
|
|