alyth@lemmy.world to Mildly Infuriating@lemmy.worldEnglish · 7 months agoMFAlemmy.worldimagemessage-square134fedilinkarrow-up1951arrow-down138
arrow-up1913arrow-down1imageMFAlemmy.worldalyth@lemmy.world to Mildly Infuriating@lemmy.worldEnglish · 7 months agomessage-square134fedilink
minus-squareMSids@lemmy.worldlinkfedilinkEnglisharrow-up4arrow-down2·7 months agoApp-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.
minus-squareHotzilla@sopuli.xyzlinkfedilinkEnglisharrow-up1·7 months agoSimple challenge number handles that, for example Azure AD MFA forces that today
minus-squareMSids@lemmy.worldlinkfedilinkEnglisharrow-up2·7 months agoThose are better, but are also not phishing resistant.
App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.
Simple challenge number handles that, for example Azure AD MFA forces that today
Those are better, but are also not phishing resistant.