top | item 47095492

(no title)

xprnio | 10 days ago

But 2FA is moot if it’s the same device as your bank app, is it not?

discuss

Yes. Please tell my bank that.

LtWorf|10 days ago

They know. The EU directive is quite clear that hw tokens are to be preferred over phones. Banks are cheap though and violate it.

cuu508|10 days ago

Switch bank.

clhodapp|10 days ago

It is in the specific case that you don't have biometric or PIN login set up on the device and you use a password manager that doesn't require authentication. In that case, the only factor is "something you have". Otherwise, it is still a multi-factor authentication because the device itself still represents "something you have", and your device unlock represents "something you know" or "something you are".

naniwaduni|10 days ago

Nearly all the security value of 1fa is that it keeps your users from picking the own passwords.