Hacker News
by hashtree 4672 days ago
Not to mention the much more likely attack vectors with this approach over a safe/deposit box based approach (which you might be alluding to):

  - This has a big assumption that 2FA cannot be bypassed AND other service exploits
  are not possible. The recent Dropbox security paper showed this was possible:
  https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf
  - Device stolen/lost/hacked with active logins to said services OR local copies of said 2FA
  recovery codes? Eek!
  - Our friends at the NSA love that you use Dropbox to store this versus a more
  secure service like SpiderOak.