| From: D. Hugh Redelmeier via talk <[email protected]> | Single-sign-on makes multi-factor authentication more feasible. I don't | trust the monopoly power of single-sign-on providers. And I don't | trust the resulting "one compromise to rule them all" ecosystem. And | I'm not attached at the hip to a mobile phone (SMS is the usual second | factor for consumers).
reddit got compromised when their second factor was carried by SMS: <https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/> --- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
