HackerTrans
トップ新着トレンドコメント過去質問紹介求人

goupil

no profile record

コメント

goupil
·2 年前·議論
That's a very valid point, as an automated attack could then be performed. I guess it would at least help against an attacker that would be manually checking what's inside the packets captured, or that would let his attack passively capture everything for a while and then proceed to attack.
goupil
·2 年前·議論
If your 1password is compromised, then loss of the password would mean loss of the TOTP, in which case TOTP doesn't help.

But there are other scenarios where your password could be stolen without someone getting access to your 1password, for instance if your connection isn't protected and a man in the middle can intercept your password.

In the end, I would argue that having TOTP in the same place as your password is weaker than having it somewhere else, but it's still better than no 2FA
goupil
·2 年前·議論
It's sad to see so many discussions on security and so little on privacy. How about solutions that could combine both, such as homomorphic encryption for AI?