by fulafel 294 days ago
> If you use oathtool on your laptop, and the password is stored there as well, you're back to 1FA

In established terminology you don't need multiple independent devices. For example, an email "magic link" is a common second factor.

1 comments

Because it requires access to the email system, that's a separate system even if it's being forwarded, so long as you have a valid login to the email server.

But, yes, the exact boundary is definitely debatable. It's clearly less secure than a separate token generator that you keep on your body at all times; clearly more secure than no second confirmation at all.