Technology Memes

445 readers

1 users here now

Welcome to Technology Memes. Here you can make memes and/or rant about technology, internet, computers, corporations, enshittification and etc.

Rules:

Stay on-topic.
Don't attack and harras anyone. Be nice.
No racism and discrimination.
No politics unless they're related to tech.
No spam, no ads.
No NSFW.
Don't repost.

Please report any posts and comments that violate these rules.

Related communities:

Linux Memes - Linux related memes.
Memes - Generic memes.
Lemmy Shitpost - Place for shitposting.
Programmer Humor - Programming related memes.
Technology - Community for tech news.

founded 7 months ago

MODERATORS

trespasser69@lemmy.world

467

MFA grind (infosec.pub)

submitted 1 month ago by thatradomguy@lemmy.world to c/tech_memes@lemmy.world

62 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Duamerthrax@lemmy.world 1 points 1 month ago (1 children)

If your email is compromised, isn't 2FA also compromised?

[–] BassTurd@lemmy.world 2 points 1 month ago (1 children)

I suppose in some cases, yea. I was thinking about authenticator apps as MFA and forgot about email. Ideally, all MFA would be through a separate authenticator. For stronger security, something like a ubikey or other hardware security device can be used.

[–] Duamerthrax@lemmy.world 1 points 1 month ago

I don't even think I use websites that would use that. The only "app" like that is google using my phone for new logins. Every other 2fa uses my email. If it's not a google service, I'd prefer not to have to use an app because I treat my whole phone as insecure.