syd@lemy.lol to Technology@lemmy.worldEnglish · edit-29 months ago15M Trello accounts have been leakedlemy.lolimagemessage-square102fedilinkarrow-up1617file-text
arrow-up1617image15M Trello accounts have been leakedlemy.lolsyd@lemy.lol to Technology@lemmy.worldEnglish · edit-29 months agomessage-square102fedilinkfile-text
minus-squareJustUseMint@lemmy.worldlinkfedilinkEnglisharrow-up1·9 months agoPhysical token over TOTP authenticator?
minus-squareKayel@aussie.zonelinkfedilinkEnglisharrow-up2·9 months agoI cannot think of a use-case outside of statecraft. Maybe companies engaged, or being engaged, in corporate espionage.
minus-squarebrian@programming.devlinkfedilinkEnglisharrow-up2·9 months agoall the root secrets are available in plain text the generator app at some point, they have to be. moving that to a single purpose device greatly reduces the risk of vulnerabilities in your phone leading to exfiltration via internet connection
Physical token over TOTP authenticator?
I cannot think of a use-case outside of statecraft. Maybe companies engaged, or being engaged, in corporate espionage.
all the root secrets are available in plain text the generator app at some point, they have to be. moving that to a single purpose device greatly reduces the risk of vulnerabilities in your phone leading to exfiltration via internet connection