|
|
|
|
|
|
by grey-area
4858 days ago
|
|
|
Could anyone explain to me what's the point of Google's two-factor authentication? Without application specific passwords it's actually pretty secure. With ASP of course, according to this article, it's no more secure at all. So it looks like ASPs need to be revised/locked down. That doesn't mean that 2-factor security is useless in principle, just that this facet of it is insecure. |
|
|
This is not at all the conclusion of the article. This isn't a bright-line issue; security exists on a spectrum.