![]() Get a couple of keys and try to keep them in different places. Email, at least, needs to be absolutely secured, as an email compromise will allow a SIM swap which gets around SMS authentication. As an IT professional, I generally tell my clients that SMS 2FA gets you 90% of the way there TOTP (Time-based One Time Passcodes) gets you 99% of the way there and hardware keys are as close to 100% as you can get. ![]() To the best of my knowledge, there is no way around a hardware key unless the user up and bypasses it themselves. There are now inexpensive "toolkits" that allow the bad guys to set up phishing attacks that get around all forms of 2FA.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |