top | item 39853361

(no title)

tkems | 1 year ago

If banks would spend money on this and not enabling support for hard to phish MFA options like hardware keys (FIDO2), I would change banks.

We have solutions to most of the phishing attacks, but most people find them hard to use or don't want to use them as they are seen as not important. I've made comments to several companies that SMS or TOTP based MFA is not phish-proof and that they need to implement something stronger, but it often is ignored.

discuss

lifestyleguru|1 year ago

> hardware keys (FIDO2)

and how would they work with smartphones, as banks a increasingly making them first-class banking clients?